<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body>
    <p>Hello Rob,<br>
      <br>
      Thanks for the useful suggestion. We've amended our proposed
      ballot language accordingly.<br>
      <br>
      We would still like to determine the best way to direct CAs to the
      weak key populations assembled through the work of yourself and
      HARICA.<br>
      <br>
      On the broader question of how to proceed, we see three options
      for community consideration:<br>
      <br>
      - Carry forward with this proposed ballot;<br>
      - Consider adding this language to a future cleanup ballot; or<br>
      - Declare that current language and guidance are sufficient.<br>
      <br>
      To recap, the ur-issue is itself from 2006-2008, our initial
      request for input on this matter was made in April 2020 and this
      ballot language has been under (sporadic) discussion since
      December 2020. Given the narrow focus of the issue itself, this
      could certainly be considered a low priority, and thus wrapped
      into a future cleanup ballot (rather than undergoing a separate
      ballot procedure).<br>
      <br>
      However, we note that the impetus for this ballot discussion was
      the failure of a publicly-trusted CA to prevent issuance of a
      certificate using a Debian weak key in March 2020. We aim to
      ensure this doesn't happen again by clear delineation of expected
      practices (and direction to appropriate resources) in our Baseline
      Requirements.<br>
      <br>
      We believe this proposal offers clearer guidance on this matter
      than the current BR language, and is an opportunity to make an
      ecosystem-wide improvement in CA practices.<br>
      <br>
      We hope to discuss this in our regular call and very much welcome
      community input.<br>
      <br>
      Regards,<br>
      <br>
      Chris K<br>
      <br>
      =====<br>
      <br>
      SCXX Ballot proposal: Debian Weak keys<br>
      <br>
      (NOTE: Edited per RS suggestion, updated version number to 1.7.9,
      but still currently directs to debian.org resource)<br>
      <br>
      =====<br>
      <br>
      --- Motion Begins --- <br>
      <br>
      This ballot modifies the “Baseline Requirements for the Issuance
      and Management of Publicly-Trusted Certificates” as follows, based
      on Version 1.7.9: <br>
      <br>
      Proposed ballot language: <br>
      <br>
      4.9.1.1 Reasons for Revoking a Subscriber Certificate <br>
       <br>
      Replace: <br>
      <br>
      4. The CA is made aware of a demonstrated or proven method that
      can easily compute the Subscriber’s Private Key based on the
      Public Key in the Certificate (such as a Debian weak key, see
      <a class="moz-txt-link-freetext" href="https://wiki.debian.org/SSLkeys">https://wiki.debian.org/SSLkeys</a>) <br>
      <br>
      With: <br>
      <br>
      4. The CA is made aware of a demonstrated or proven method that
      can easily compute the Subscriber’s Private Key (such as those
      identified in 6.1.1.3(4)). <br>
      <br>
      --- <br>
      <br>
      6.1.1.3. Subscriber Key Pair Generation <br>
      <br>
      Replace: <br>
      <br>
      The CA SHALL reject a certificate request if one or more of the
      following conditions are met: <br>
      <br>
      1. The Key Pair does not meet the requirements set forth in
      Section 6.1.5 and/or Section 6.1.6; <br>
      <br>
      2. There is clear evidence that the specific method used to
      generate the Private Key was flawed; <br>
      <br>
      3. The CA is aware of a demonstrated or proven method that exposes
      the Applicant's Private Key to compromise; <br>
      <br>
      4. The CA has previously been made aware that the Applicant's
      Private Key has suffered a Key Compromise, such as through the
      provisions of Section 4.9.1.1; <br>
      <br>
      5. The CA is aware of a demonstrated or proven method to easily
      compute the Applicant's Private Key based on the Public Key (such
      as a Debian weak key, see <a class="moz-txt-link-freetext" href="https://wiki.debian.org/SSLkeys">https://wiki.debian.org/SSLkeys</a>). <br>
      <br>
      With: <br>
      <br>
      The CA SHALL reject a certificate request if one or more of the
      following occurs: <br>
      <br>
      1) The requested Public Key does not meet the requirements set
      forth in Sections 6.1.5 and/or 6.1.6; <br>
      <br>
      2) The CA is aware of a demonstrated or proven method that exposes
      the Subscriber's Private Key to compromise; <br>
      <br>
      3) The CA has previously been made aware that the Subscriber's
      Private Key has suffered a Key Compromise, such as through the
      provisions of Section 4.9.1.1; <br>
      <br>
      4) The Public Key corresponds to an industry demonstrated weak
      Private Key, in particular: <br>
      <br>
      a) In the case of the ROCA vulnerability, the CA SHALL reject keys
      identified by the tools available at
      <a class="moz-txt-link-freetext" href="https://github.com/crocs-muni/roca">https://github.com/crocs-muni/roca</a> or equivalent. <br>
      <br>
      b) In the case of Debian weak keys
      (<a class="moz-txt-link-freetext" href="https://wiki.debian.org/SSLkeys">https://wiki.debian.org/SSLkeys</a>), the CA SHALL reject at least
      keys generated by the flawed OpenSSL version with the combination
      of the following parameters: <br>
      <br>
      i) Big-endian 32-bit, little-endian 32-bit, and little-endian
      64-bit architectures; <br>
      <br>
      ii) Process ID of 0 to 32767, inclusive; <br>
      <br>
      iii) All RSA Public Key lengths supported by the CA; <br>
      <br>
      iv) rnd, nornd, and noreadrnd OpenSSL random file state.<br>
      <br>
      --- Motion Ends --- <br>
      <br>
      =====<br>
      <br>
    </p>
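    <p>An added example (mine, not code from the ballot, SSL.com, Sectigo, HARICA or the crocs-muni project) of how a CA's issuance pipeline could apply the 6.1.1.3 rejection criteria above to an RSA public key: the 6.1.5/6.1.6 size and exponent checks, the ROCA residue fingerprint described in the ROCA paper (an affected modulus satisfies n = 65537^a (mod M) for M a product of small primes, so n mod p must lie in the subgroup generated by 65537 for each such p), a Debian weak-key list lookup, and a prior-compromise lookup. It goes beyond the ballot text in two ways: it also handles the key size with no available Debian list that Rob raises in the quoted message (this example fails closed), and the list format is a hypothetical one, a SHA-256 hex digest of the big-endian modulus bytes keyed by key size, not the real openssl-blacklist or CVE-2008-0166 repository formats. The two 2048-bit moduli it screens are constructed integers, not real keys.</p>

```python
"""Pre-issuance screening of an RSA public key against the rejection
criteria of the proposed BR 6.1.1.3 (key size/exponent, ROCA, Debian weak
keys, prior compromise). Added illustration, not code from the ballot,
SSL.com, Sectigo, HARICA or the crocs-muni tool.

Assumptions (hypothetical, for the example only):
  - Debian weak-key lists are modelled as {bits: set(sha256hex(modulus))};
    the real openssl-blacklist / CVE-2008-0166 list formats are different.
  - The ROCA test is the small-prime residue fingerprint from the ROCA
    paper: affected moduli satisfy n == 65537^a (mod M), M a primorial.
"""
import hashlib
from functools import reduce

# The first 39 primes (2..167); their product is the primorial M.
FIRST_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53,
                59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113,
                127, 131, 137, 139, 149, 151, 157, 163, 167]
ROCA_PRIMORIAL = reduce(lambda a, b: a * b, FIRST_PRIMES)


def _cyclic_subgroup(g: int, p: int) -> frozenset:
    """Set {g^k mod p : k >= 0}: the residues an affected modulus can take mod p."""
    seen, x = set(), 1
    while x not in seen:
        seen.add(x)
        x = (x * g) % p
    return frozenset(seen)


ROCA_RESIDUES = {p: _cyclic_subgroup(65537 % p, p) for p in FIRST_PRIMES}


def has_roca_fingerprint(n: int) -> bool:
    """True if n mod p lies in <65537> for every small prime p.
    An affected modulus always passes; an unrelated modulus fails with
    overwhelming probability, since most primes admit only a few residues."""
    return all(n % p in ROCA_RESIDUES[p] for p in FIRST_PRIMES)


def modulus_fingerprint(n: int) -> str:
    """SHA-256 of the minimal big-endian encoding of n (assumed list key)."""
    return hashlib.sha256(n.to_bytes((n.bit_length() + 7) // 8, "big")).hexdigest()


def screen_rsa_key(n: int, e: int, weak_lists: dict, compromised: set,
                   min_bits: int = 2048) -> list:
    """Return the rejection reasons for (n, e); an empty list means no objection.

    weak_lists:  {bits: set of fingerprints} of known Debian weak keys (6.1.1.3(4)(b))
    compromised: fingerprints of keys already reported compromised (4.9.1.1)
    """
    reasons = []
    bits = n.bit_length()
    # 6.1.5: modulus at least 2048 bits and a multiple of 8.
    if bits < min_bits or bits % 8:
        reasons.append(f"RSA-{bits} modulus not permitted by 6.1.5")
    # 6.1.6 SHALL: exponent odd and >= 3 (the SHOULD checks on small factors
    # and prime powers are omitted here).
    if e < 3 or e % 2 == 0:
        reasons.append(f"public exponent {e} not permitted by 6.1.6")
    fp = modulus_fingerprint(n)
    if fp in compromised:
        reasons.append("key previously reported as compromised (4.9.1.1)")
    if has_roca_fingerprint(n):
        reasons.append("modulus carries the ROCA fingerprint (6.1.1.3(4)(a))")
    if bits in weak_lists:
        if fp in weak_lists[bits]:
            reasons.append(f"Debian weak key per RSA-{bits} list (6.1.1.3(4)(b))")
    else:
        # The RSA-4088 case: no list exists for this size. This example
        # fails closed; a CA has to make that decision explicitly either way.
        reasons.append(f"no Debian weak-key list covers RSA-{bits}; refusing to issue")
    return reasons


def constructed_inputs() -> dict:
    """Constructed 2048-bit integers (not real keys) that exercise the checks."""
    M = ROCA_PRIMORIAL
    k = 2 ** 2047 // M + 1            # k*M is just above 2^2047
    return {
        # n == 65537^12345 (mod M): the shape of a ROCA-affected modulus
        "roca_like": pow(65537, 12345, M) + k * M,
        # n == 13 (mod M): 13 mod 11 == 2, outside <65537> mod 11 == {1, 10}
        "clean": k * M + 13,
    }


if __name__ == "__main__":
    inputs = constructed_inputs()
    listed = {2048: {modulus_fingerprint(inputs["clean"])}}  # pretend it is listed
    for name, n in inputs.items():
        print(name, "empty list:", screen_rsa_key(n, 65537, {2048: set()}, set()) or "no objection")
        print(name, "listed:", screen_rsa_key(n, 65537, listed, set()) or "no objection")
```

    <p>Run it directly to see both constructed moduli screened with and without a matching list entry. The ROCA check on its own is <code>has_roca_fingerprint(n)</code>, which takes the modulus as an integer so it can be fed from whatever CSR parser the CA already uses.</p>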
    <div class="moz-cite-prefix">On 5/13/2021 9:42 AM, Rob Stradling
      wrote:<br>
    </div>
    <blockquote type="cite" cite="mid:MW4PR17MB472977E83FAE719172F40D00AA519@MW4PR17MB4729.namprd17.prod.outlook.com">
      
      <style type="text/css" style="display:none;">P {margin-top:0;margin-bottom:0;}</style>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <span style="color: rgb(0, 0, 0); font-family: Calibri, Arial,
          Helvetica, sans-serif; font-size: 12pt;">> </span><span style="color: rgb(0, 0, 0); font-family: Calibri, Arial,
          Helvetica, sans-serif; font-size: 12pt;">iii) All RSA Public
          Key lengths supported by the CA up to and including 4096 bits;</span><br>
      </div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        > ...</div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        > For Debian weak keys not covered above, the CA SHALL take
        actions to minimize the probability of certificate issuance.
      </div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <br>
      </div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        Hi Christopher.  What sort of "actions" are envisaged here?  If
        a CA is processing a certificate request that contains a (for
        example) RSA-4088 public key (i.e., a key size not covered by an
        available Debian weak list), either the CA is going to issue the
        cert or they're not.  What, concretely, does "minimize the
        probability of certificate issuance" actually mean?</div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <br>
      </div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        Why not remove that "SHALL" sentence and change point iii to: "<span style="background-color:rgb(255, 255, 255);display:inline
          !important">iii) All RSA Public Key lengths supported by the
          CA." ?</span></div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <br>
      </div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        BTW, in case it helps, I'm about half way through generating a
        full set of RSA-8192 Debian weak keys, which (when complete)
        I'll add to the
        <a href="https://github.com/CVE-2008-0166" moz-do-not-send="true">https://github.com/CVE-2008-0166</a> repositories.</div>
      <div style="font-family: Calibri, Arial, Helvetica, sans-serif;
        font-size: 12pt; color: rgb(0, 0, 0);">
        <br>
      </div>
      <div>
        <hr tabindex="-1" style="display:inline-block; width:98%">
        <div id="divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b>
            Christopher Kemmerer <a class="moz-txt-link-rfc2396E" href="mailto:chris@ssl.com"><chris@ssl.com></a><br>
            <b>Sent:</b> 13 May 2021 15:12<br>
            <b>To:</b> Rob Stradling <a class="moz-txt-link-rfc2396E" href="mailto:rob@sectigo.com"><rob@sectigo.com></a>; Dimitris
            Zacharopoulos (HARICA) <a class="moz-txt-link-rfc2396E" href="mailto:dzacharo@harica.gr"><dzacharo@harica.gr></a>; CA/B
            Forum Server Certificate WG Public Discussion List
            <a class="moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org"><servercert-wg@cabforum.org></a>; Jacob Hoffman-Andrews
            <a class="moz-txt-link-rfc2396E" href="mailto:jsha@letsencrypt.org"><jsha@letsencrypt.org></a><br>
            <b>Subject:</b> Re: [Servercert-wg] SCXX Ballot proposal:
            Debian Weak keys</font>
          <div> </div>
        </div>
        <div>
          <div>
            <div class="x_OutlineElement x_Ltr x_BCX2 x_SCXW100400534" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">Hello,</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
                  <br>
                </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_BCX2 x_SCXW100400534" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">We deeply appreciate the
                    useful discussion in this thread regarding this
                    issue. We especially applaud the efforts of HARICA
                    and Sectigo to independently generate more
                    comprehensive lists of potentially affected Debian
                    weak keys. As Rob Stradling observed through his
                    crt.sh research (20210107,
                    <a class="x_moz-txt-link-freetext" href="https://gist.github.com/robstradling/a5590b6a13218fe561dcb5d5c67932c5" moz-do-not-send="true">https://gist.github.com/robstradling/a5590b6a13218fe561dcb5d5c67932c5</a>),
                    of the five most utilized algorithm/key size
                    populations, two are ECC (so not impacted by the
                    Debian weak key issue) and three are RSA (2048, 4096,
                    and 3072 bit length, in that order).</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
                  <br>
                </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">As of their most recent
                    messages it appears that these two organizations
                    have independently generated comprehensive lists
                    identifying all RSA-2048 and -4096 bit length keys.
                    (We understand RSA-3072 length keys are also
                    available.) This offers the possibility that
                    complete lists, if accepted as authoritative, could
                    be accessed by the community to help prevent
                    exploitation of this vulnerability.</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
                  <br>
                </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">It was also noted (by the
                    representative from Let's Encrypt) that the ROCA
                    vulnerability is presently identified through use of
                    a tool supported externally. It was suggested that
                    this resource be archived in a manner that ensures
                    availability. (Our proposed language points to "<a class="x_moz-txt-link-freetext" href="https://github.com/crocs-muni/roca" moz-do-not-send="true">https://github.com/crocs-muni/roca</a> or equivalent.")</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
                  <br>
                </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">We think our present ballot
                    language (reproduced at the end of this message)
                    provides appropriately focused guidance to CAs. If
                    available, we'd certainly like to also see the
                    HARICA/Sectigo lists (which CAs could use for the
                    majority of Debian weak key use cases) captured
                    somewhere in this ballot language. We are agnostic
                    as to 1) where exactly these resources might be
                    maintained and 2) where this ballot places
                    directions to these resources - an annex to the
                    current requirements, a separate CA/BF guidance
                    document or within Sections 4.9.1.1/6.1.1.3.</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
                  <br>
                </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">Our intent is to ensure that
                    1) clear, accurate guidance on CA expectations is
                    provided and 2) any resources assisting CAs in
                    meeting these expectations are fully described,
                    publicly available (somewhere) and with reliable
                    links provided. The language below, we feel, meets
                    the first requirement. We'd appreciate input on how
                    to best meet the second. (Note that SSL.com would be
                    happy to support the community by hosting any of
                    these as publicly accessible resources, whether solo
                    or alongside other organizations.)</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
                  <br>
                </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">Chris K</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">SSL.com</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
                  <br>
                </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">=====</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">--- Motion Begins ---</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">This ballot modifies the
                    “Baseline Requirements for the Issuance and
                    Management of Publicly-Trusted Certificates” as
                    follows, based on Version 1.7.4:</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">Proposed ballot language:</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif;
                  font-weight:bold" lang="EN-US"><span class="x_NormalTextRun x_SCXW100400534 x_BCX2">4.9.1.1
                    Reasons for Revoking a Subscriber Certificate</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">Replace:</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">4. The CA is made aware of a
                    demonstrated or proven method that can easily
                    compute the Subscriber’s Private Key based on the
                    Public Key in the Certificate (such as a Debian weak
                    key, see
                    <a class="x_moz-txt-link-freetext" href="https://wiki.debian.org/SSLkeys">https://wiki.debian.org/SSLkeys</a>)</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">With:</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">4. The CA is made aware of a
                    demonstrated or proven method that can easily
                    compute the Subscriber’s Private Key (such as those
                    identified in 6.1.1.3(4)).</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">---</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif;
                  font-weight:bold" lang="EN-US"><span class="x_NormalTextRun x_SCXW100400534 x_BCX2">6.1.1.3.
                    Subscriber Key Pair Generation</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">Replace:</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">The CA SHALL reject a
                    certificate request if one or more of the following
                    conditions are met:</span></span><span class="x_EOP
                  x_SCXW100400534 x_BCX2" style="font-size:11pt;
                  line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">1. The Key Pair does not
                    meet the requirements set forth in Section 6.1.5
                    and/or Section 6.1.6;</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">2. There is clear evidence
                    that the specific method used to generate the
                    Private Key was flawed;</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">3. The CA is aware of a
                    demonstrated or proven method that exposes the
                    Applicant's Private Key to compromise;</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">4. The CA has previously
                    been made aware that the Applicant's Private Key has
                    suffered a Key Compromise, such as through the
                    provisions of Section 4.9.1.1;</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">5. The CA is aware of a
                    demonstrated or proven method to easily compute the
                    Applicant's Private Key based on the Public Key
                    (such as a Debian weak key, see
                    <a class="x_moz-txt-link-freetext" href="https://wiki.debian.org/SSLkeys">
                      https://wiki.debian.org/SSLkeys</a>).</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">With:</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">The CA SHALL reject a
                    certificate request if one or more of the following
                    occurs:</span></span><span class="x_EOP
                  x_SCXW100400534 x_BCX2" style="font-size:11pt;
                  line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">1) The requested Public Key
                    does not meet the requirements set forth in Sections
                    6.1.5 and/or </span></span><span class="x_TextRun
                  x_SCXW100400534 x_BCX2" style="font-size:11pt;
                  line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_ContextualSpellingAndGrammarErrorV2
                    x_SCXW100400534 x_BCX2">6.1.6;</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">2) The CA is aware of a
                    demonstrated or proven method that exposes the
                    Subscriber's Private Key to </span>
                </span><span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_ContextualSpellingAndGrammarErrorV2
                    x_SCXW100400534 x_BCX2">compromise;</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">3) The CA has previously
                    been made aware that the Subscriber's Private Key
                    has suffered a Key Compromise, such as through the
                    provisions of Section
                  </span></span><span class="x_TextRun x_SCXW100400534
                  x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_ContextualSpellingAndGrammarErrorV2
                    x_SCXW100400534 x_BCX2">4.9.1.1;</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">4) The Public Key
                    corresponds to an industry demonstrated weak Private
                    Key, in particular:</span></span><span class="x_EOP
                  x_SCXW100400534 x_BCX2" style="font-size:11pt;
                  line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">a) In the case of ROCA
                    vulnerability, the CA SHALL reject keys identified
                    by the tools available at <a class="x_moz-txt-link-freetext" href="https://github.com/crocs-muni/roca">
                      https://github.com/crocs-muni/roca</a> or
                    equivalent.</span></span><span class="x_EOP
                  x_SCXW100400534 x_BCX2" style="font-size:11pt;
                  line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">b) In the case of Debian
                    weak keys (<a class="x_moz-txt-link-freetext" href="https://wiki.debian.org/SSLkeys">https://wiki.debian.org/SSLkeys</a>),
                    the CA SHALL reject at least keys generated by the
                    flawed OpenSSL version with the combination of the
                    following parameters:</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">i) Big-endian 32-bit,
                    little-endian 32-bit, and little-endian 64-bit
                    architectures;</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">ii) Process ID of 0 to
                    32767,
                  </span></span><span class="x_TextRun x_SCXW100400534
                  x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_ContextualSpellingAndGrammarErrorV2
                    x_SCXW100400534 x_BCX2">inclusive;</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">iii) All RSA Public Key
                    lengths supported by the CA up to and including 4096
                  </span></span><span class="x_TextRun x_SCXW100400534
                  x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_ContextualSpellingAndGrammarErrorV2
                    x_SCXW100400534 x_BCX2">bits;</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">iv) rnd, nornd, and noreadrnd
                    OpenSSL random file states.</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">For Debian weak keys not
                    covered above, the CA SHALL take actions to minimize
                    the probability of certificate issuance.</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
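            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p>A worked example of the key screening that item 4 describes, added here as an illustration and not part of the ballot text, the CA/B Forum's material, or the tools linked above: a Python pre-issuance check that applies the ROCA fingerprint test (4a) and a Debian weak-key blocklist lookup (4b), and holds a key for review when the CA has no blocklist for its length (the "not covered above" clause). Two assumptions are made. The blocklist format is taken to be the openssl-blacklist convention: the last 20 hex characters of SHA-1 over the <code>Modulus=</code> line that <code>openssl rsa -noout -modulus</code> prints, one entry per line with <code>#</code> comments. The ROCA test uses the small-prime subgroup fingerprint (primes 3 through 167, generator 65537) as published by the authors of the roca tool; the per-prime subgroups are derived in the code rather than copied. The sample moduli and the one-entry blocklist are constructed for the demonstration and are not real keys; <code>synthetic_roca_positive</code> builds an integer that merely shares a ROCA modulus's residues, purely as a self-test vector for the detector.</p>

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass, field
from math import prod

# Small primes and generator of the published ROCA fingerprint (assumed to match
# the roca detection tool; the subgroups below are derived, not copied).
ROCA_PRIMES = [3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61,
               67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131,
               137, 139, 149, 151, 157, 163, 167]
GENERATOR = 65537


def _subgroup(p: int) -> frozenset[int]:
    """Residues 65537^k mod p for all k: the cyclic subgroup generated by 65537."""
    members, x = set(), 1
    while True:
        x = x * GENERATOR % p
        members.add(x)
        if x == 1:               # back at the identity: the cycle is complete
            return frozenset(members)


_SUBGROUPS = {p: _subgroup(p) for p in ROCA_PRIMES}


def roca_fingerprint(n: int) -> bool:
    """Item 4a: a ROCA-generated modulus has n mod p inside the subgroup for every p."""
    return all(n % p in _SUBGROUPS[p] for p in ROCA_PRIMES)


def debian_fingerprint(n: int) -> str:
    """Item 4b: blocklist key for a modulus in the assumed openssl-blacklist format:
    the last 20 hex chars of SHA-1 over the 'Modulus=<HEX>' line (plus newline)."""
    line = f"Modulus={n:X}\n".encode("ascii")
    return hashlib.sha1(line).hexdigest()[20:]


def load_blocklist(text: str) -> set[str]:
    """Parse a blocklist file: '#' comments and one 20-hex-char fingerprint per line."""
    entries = set()
    for raw in text.splitlines():
        line = raw.strip().lower()
        if not line or line.startswith("#"):
            continue
        if len(line) != 20 or any(c not in "0123456789abcdef" for c in line):
            raise ValueError(f"malformed blocklist entry: {raw!r}")
        entries.add(line)
    return entries


@dataclass
class KeyVerdict:
    verdict: str                                  # "accept", "reject" or "review"
    reasons: list[str] = field(default_factory=list)


def screen_rsa_modulus(n: int, blocklists: dict[int, set[str]]) -> KeyVerdict:
    """Decide whether a submitted RSA modulus may proceed to issuance."""
    reject, review = [], []
    if roca_fingerprint(n):
        reject.append("ROCA fingerprint present (item 4a)")
    bits = n.bit_length()
    entries = blocklists.get(bits)
    if entries is None:
        # The ballot's fallback: a length without a blocklist is not silently
        # accepted; a human decides how to minimise the chance of issuance.
        review.append(f"no Debian weak-key blocklist for {bits}-bit RSA")
    elif debian_fingerprint(n) in entries:
        reject.append("Debian weak key: fingerprint found in blocklist (item 4b)")
    if reject:
        return KeyVerdict("reject", reject + review)
    if review:
        return KeyVerdict("review", review)
    return KeyVerdict("accept")


def synthetic_roca_positive(exponent: int = 777, bits: int = 2048) -> int:
    """Detector self-test vector: an integer (not a key, nothing to factor) whose
    residue mod every ROCA prime equals 65537^exponent, as a ROCA modulus's does.
    Built as r + t*M with M the product of the primes, so n mod p == r mod p."""
    m = prod(ROCA_PRIMES)
    r = pow(GENERATOR, exponent, m)
    t = (1 << (bits - 1)) // m + 1       # pushes the value to exactly `bits` bits
    return r + t * m


# Constructed stand-ins for submitted 2048-bit public keys (not real keys).
SAMPLE_CLEAN = (1 << 2047) | 0x10001
SAMPLE_DEBIAN = (1 << 2047) | 0x1F
# Constructed one-entry blocklist in the assumed file format.
SAMPLE_BLOCKLIST_TEXT = ("# constructed RSA-2048 blocklist for the example\n"
                         + debian_fingerprint(SAMPLE_DEBIAN) + "\n")
BLOCKLISTS = {2048: load_blocklist(SAMPLE_BLOCKLIST_TEXT)}

if __name__ == "__main__":
    for name, n in [("clean", SAMPLE_CLEAN), ("debian", SAMPLE_DEBIAN),
                    ("roca", synthetic_roca_positive())]:
        v = screen_rsa_modulus(n, BLOCKLISTS)
        print(f"{name:7s} -> {v.verdict:7s} {v.reasons}")
```

              <p>Run the module directly to see the three verdicts. In a CA pipeline the real blocklists (one file per supported RSA length, covering the architecture, PID and random-file-state combinations listed above) replace <code>BLOCKLISTS</code>, and anything other than <code>accept</code> blocks issuance until a person has looked at it; the ROCA check needs no list at all, since the fingerprint is computed from the modulus alone.</p>
            </div>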
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2"></span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
            </div>
            <div class="x_OutlineElement x_Ltr x_SCXW100400534 x_BCX2" style="direction:ltr">
              <p class="x_Paragraph x_SCXW100400534 x_BCX2" style="margin-top: 0px; margin-bottom:
                0px;font-weight:normal; font-style:normal;
                vertical-align:baseline; background-color:transparent;
                color:windowtext; text-align:left; margin-left:0px;
                margin-right:0px; padding-left:0px; padding-right:0px;
                text-indent:0px">
                <span class="x_TextRun x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif" lang="EN-US"><span class="x_NormalTextRun
                    x_SCXW100400534 x_BCX2">--- Motion Ends ---</span></span><span class="x_EOP x_SCXW100400534 x_BCX2" style="font-size:11pt; line-height:19.425px;
font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
                </span></p>
            </div>
            <div class="x_moz-cite-prefix">On 1/18/2021 3:34 PM, Rob
              Stradling wrote:<br>
            </div>
            <blockquote type="cite">
              <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                font-size:12pt; color:rgb(0,0,0)">
                > I'm mid-way through generating the RSA-4096 keys.</div>
              <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                font-size:12pt; color:rgb(0,0,0)">
                <br>
              </div>
              <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                font-size:12pt; color:rgb(0,0,0)">
                The RSA-4096 private keys and blocklists are now in <a href="https://github.com/CVE-2008-0166/private_keys">
                  https://github.com/CVE-2008-0166/private_keys</a> and
                <a href="https://github.com/CVE-2008-0166/openssl_blocklists">
                  https://github.com/CVE-2008-0166/openssl_blocklists</a>.</div>
              <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                font-size:12pt; color:rgb(0,0,0)">
                <br>
              </div>
              <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                font-size:12pt; color:rgb(0,0,0)">
                The RSA-2048 and RSA-4096 private keys in <a href="https://github.com/HARICA-official/debian-weak-keys">https://github.com/HARICA-official/debian-weak-keys</a> (which
                only covers 2 of the 3 word size / endianness
                combinations) are identical to the equivalents in <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FCVE-2008-0166%2Fprivate_keys&data=04%7C01%7C%7Ce2b4b1c02cde4de101b308d91619376c%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637565120954383257%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=02dPvzXAoQa2QdA5404SWcII6joTEbnX3nQ5mFKHke4%3D&reserved=0" originalsrc="https://github.com/CVE-2008-0166/private_keys" shash="jGHwDulILIQBYK6E17JiSQiS4zm0GCn7fN3Fj0A0TReBPqWUX3mSkA7zksGCJAQ473L+Ku4vAML9V8zQm1nzA/ZTOoUJV92ABwv3poaGWWWnyZ5kAz0A5+Q6EWjGfFf/0OjiaPmp6YSjPz1+QftgmLQ9PZVOJDn2C7PycaL2pbQ=" moz-do-not-send="true">https://github.com/CVE-2008-0166/private_keys</a>.</div>
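<p>The screening step this thread keeps returning to, shown as an added Python example (not code from the thread, from openssl-blacklist, or from the CVE-2008-0166 or HARICA repositories): fingerprint a modulus the way openssl-vulnkey does, look it up in a per-size blocklist, and apply the modulus-length / exponent "superset" rule that Jacob proposes further down the thread. It assumes the openssl-blacklist fingerprint convention as I recall it (the last 20 hex digits of SHA-1 over the <code>Modulus=&lt;HEX&gt;</code> line that <code>openssl rsa -noout -modulus</code> prints, newline included); check that against one real blocklist entry before relying on it. The moduli and the blocklist in the script are constructed for the demonstration and are not real Debian weak keys.</p>

```python
"""Screen an RSA public key against a Debian weak-key blocklist.

Added example for this thread; not code from the thread, from
openssl-blacklist, or from the CVE-2008-0166 / HARICA repositories.

Assumption (verify against a real blocklist before relying on it): a
blocklist entry is the last 20 hex digits of
SHA-1("Modulus=" + uppercase-hex(n) + "\n"), i.e. the sha1sum of the
line `openssl rsa -noout -modulus` prints, with the first 20 digits cut.
The modulus-length and exponent rules are the "superset" Jacob proposed
in the thread, not a claim that other sizes or exponents are weak.
"""
import hashlib

ACCEPTED_MODULUS_BITS = {2048, 4096}  # the sizes openssl-blacklist covers
ACCEPTED_EXPONENT = 65537             # hard-coded in OpenSSL 0.9.8 req.c


def blocklist_fingerprint(n: int) -> str:
    """Fingerprint of modulus n in the (assumed) openssl-blacklist format."""
    line = "Modulus={:X}\n".format(n).encode("ascii")
    return hashlib.sha1(line).hexdigest()[20:]


def load_blocklist(text: str) -> set:
    """Parse blocklist text: one fingerprint per line, '#' lines ignored."""
    entries = set()
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            entries.add(line.lower())
    return entries


def screen_rsa_key(n: int, e: int, blocklist: set):
    """Return (accepted, reason) for the public key (n, e).

    Rejects the superset: unexpected modulus length, unexpected public
    exponent, or a modulus whose fingerprint is on the blocklist.
    """
    bits = n.bit_length()
    if bits not in ACCEPTED_MODULUS_BITS:
        return False, "modulus length %d not in %s" % (
            bits, sorted(ACCEPTED_MODULUS_BITS))
    if e != ACCEPTED_EXPONENT:
        return False, "public exponent %d is not %d" % (e, ACCEPTED_EXPONENT)
    fp = blocklist_fingerprint(n)
    if fp in blocklist:
        return False, "fingerprint %s is on the Debian weak-key blocklist" % fp
    return True, "ok"


# Constructed sample input: NOT real Debian weak keys, just odd 2048-bit
# integers; the blocklist is built to contain the first of them.
WEAK_N = (1 << 2047) | 0x10001
GOOD_N = (1 << 2047) | 0x10003
SAMPLE_BLOCKLIST_TEXT = ("# constructed blocklist, RSA-2048\n"
                         + blocklist_fingerprint(WEAK_N) + "\n")
SAMPLE_BLOCKLIST = load_blocklist(SAMPLE_BLOCKLIST_TEXT)


if __name__ == "__main__":
    for label, n, e in [("weak", WEAK_N, 65537),
                        ("good", GOOD_N, 65537),
                        ("exp-3", GOOD_N, 3),
                        ("3072-bit", (1 << 3071) | 1, 65537)]:
        ok, why = screen_rsa_key(n, e, SAMPLE_BLOCKLIST)
        print("%-8s %s: %s" % (label, "accept" if ok else "REJECT", why))
```

<p>The script works on the integer modulus so it runs offline; for a real certificate, parse the hex printed by <code>openssl x509 -noout -modulus -in cert.pem</code> into an int and load the matching <code>blocklist.RSA-&lt;size&gt;</code> file. Note that the superset rule as quoted rejects every RSA-3072 key, which is exactly the gap Rob's survey points at; a CA that has the RSA-3072 blocklists generated in this thread can add 3072 to <code>ACCEPTED_MODULUS_BITS</code> and rely on the fingerprint check instead.</p>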
              <div>
                <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                  font-size:12pt; color:rgb(0,0,0)">
                  <br>
                </div>
                <hr tabindex="-1" style="display:inline-block;
                  width:98%">
                <div id="x_divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b> Dimitris Zacharopoulos
                    (HARICA)
                    <a class="x_moz-txt-link-rfc2396E" href="mailto:dzacharo@harica.gr" moz-do-not-send="true"><dzacharo@harica.gr></a><br>
                    <b>Sent:</b> 14 January 2021 18:39<br>
                    <b>To:</b> Rob Stradling <a class="x_moz-txt-link-rfc2396E" href="mailto:rob@sectigo.com" moz-do-not-send="true">
                      <rob@sectigo.com></a>; CA/B Forum Server
                    Certificate WG Public Discussion List <a class="x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true">
                      <servercert-wg@cabforum.org></a>; Jacob
                    Hoffman-Andrews <a class="x_moz-txt-link-rfc2396E" href="mailto:jsha@letsencrypt.org" moz-do-not-send="true">
                      <jsha@letsencrypt.org></a>; Christopher
                    Kemmerer <a class="x_moz-txt-link-rfc2396E" href="mailto:chris@ssl.com" moz-do-not-send="true">
                      <chris@ssl.com></a><br>
                    <b>Subject:</b> Re: [Servercert-wg] SCXX Ballot
                    proposal: Debian Weak keys</font>
                  <div> </div>
                </div>
                <div>
                  <div style="background-color:#FAFA03; width:100%;
                    border-style:solid; border-color:#000000;
                    border-width:1pt; padding:2pt; font-size:10pt;
                    line-height:12pt; font-family:'Calibri';
                    color:Black; text-align:left">
                    <span style="color:000000">CAUTION:</span> This
                    email originated from outside of the organization.
                    Do not click links or open attachments unless you
                    recognize the sender and know the content is safe.</div>
                  <br>
                  <div><br>
                    <br>
                    <div class="x_x_moz-cite-prefix">On 14/1/2021 12:30
                      a.m., Rob Stradling wrote:<br>
                    </div>
                    <blockquote type="cite">
                      <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                        font-size:12pt; color:rgb(0,0,0)">
                        Thanks Dimitris.</div>
                      <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                        font-size:12pt; color:rgb(0,0,0)">
                        <br>
                      </div>
                      <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                        font-size:12pt; color:rgb(0,0,0)">
                        So far I've generated the RSA-2048 and RSA-3072
                        keys using <a href="https://github.com/CVE-2008-0166/key_generator" moz-do-not-send="true">
                          https://github.com/CVE-2008-0166/key_generator</a> and
                        uploaded them to <a href="https://github.com/CVE-2008-0166/private_keys" moz-do-not-send="true">
                          https://github.com/CVE-2008-0166/private_keys</a>,
                        and I've generated the corresponding blocklists
                        and uploaded them to
                        <a href="https://github.com/CVE-2008-0166/openssl_blocklists" moz-do-not-send="true">
                          https://github.com/CVE-2008-0166/openssl_blocklists</a>.  My RSA-2048
                        blocklists exactly match the ones from the
                        original Debian openssl-blacklist package.</div>
                      <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                        font-size:12pt; color:rgb(0,0,0)">
                        I'm mid-way through generating the RSA-4096
                        keys.</div>
                      <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                        font-size:12pt; color:rgb(0,0,0)">
                        <br>
                      </div>
                      <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                        font-size:12pt; color:rgb(0,0,0)">
                        Let's compare keys when we're both done.  <span id="x_x_🙂">🙂</span></div>
                    </blockquote>
                    <br>
                    Certainly :-) the RSA-2048 keys already match the
                    fingerprints from the openssl-blacklist Debian
                    package.<br>
                    <br>
                    We did this work several months ago but never found
                    the time to make it publicly available. We managed
                    to break down the big task and run jobs in parallel
                    which made things a bit more interesting.<br>
                    <br>
                    It's nice we did this independently, I guess it
                    increases the accuracy level of the resulting keys :)<br>
                    <br>
                    <br>
                    Cheers,<br>
                    Dimitris.<br>
                    <br>
                    <blockquote type="cite">
                      <div>
                        <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                          font-size:12pt; color:rgb(0,0,0)">
                          <br>
                        </div>
                        <hr tabindex="-1" style="display:inline-block;
                          width:98%">
                        <div id="x_x_divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri,
                            sans-serif" color="#000000"><b>From:</b>
                            Dimitris Zacharopoulos (HARICA)
                            <a class="x_x_moz-txt-link-rfc2396E" href="mailto:dzacharo@harica.gr" moz-do-not-send="true"><dzacharo@harica.gr></a><br>
                            <b>Sent:</b> 13 January 2021 21:49<br>
                            <b>To:</b> Rob Stradling <a class="x_x_moz-txt-link-rfc2396E" href="mailto:rob@sectigo.com" moz-do-not-send="true">
                              <rob@sectigo.com></a>; CA/B Forum
                            Server Certificate WG Public Discussion List
                            <a class="x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true">
                              <servercert-wg@cabforum.org></a>;
                            Jacob Hoffman-Andrews <a class="x_x_moz-txt-link-rfc2396E" href="mailto:jsha@letsencrypt.org" moz-do-not-send="true">
                              <jsha@letsencrypt.org></a>;
                            Christopher Kemmerer <a class="x_x_moz-txt-link-rfc2396E" href="mailto:chris@ssl.com" moz-do-not-send="true">
                              <chris@ssl.com></a><br>
                            <b>Subject:</b> Re: [Servercert-wg] SCXX
                            Ballot proposal: Debian Weak keys</font>
                          <div> </div>
                        </div>
                        <div>
                          <br>
                          <div>Dear friends,<br>
                            <br>
                            HARICA has generated the weak keys (RSA 2048
                            and 4096 bit lengths) from the vulnerable
                            openssl package. We will generate 3072 bit
                            keys as well and add them soon. The
                            methodology is described in the following
                            GitHub repo along with the produced keys:<br>
                            <ul>
                              <li><a class="x_x_x_moz-txt-link-freetext" href="https://github.com/HARICA-official/debian-weak-keys" moz-do-not-send="true">https://github.com/HARICA-official/debian-weak-keys</a></li>
                            </ul>
                            Please review and let us know if you spot
                            any issues or problems with our approach and
                            methodology.<br>
                            <br>
                            As always, please use other people's work at
                            your own risk.<br>
                            <br>
                            <br>
                            Dimitris.<br>
                            <br>
                            <div class="x_x_x_moz-cite-prefix">On
                              7/1/2021 2:25 p.m., Rob Stradling via
                              Servercert-wg wrote:<br>
                            </div>
                            <blockquote type="cite">
                              <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                font-size:12pt; color:rgb(0,0,0)">
                                I've used crt.sh to produce a survey of
                                key algorithms/sizes in currently
                                unexpired, publicly-trusted server
                                certificates:</div>
                              <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                font-size:12pt; color:rgb(0,0,0)">
                                <br>
                              </div>
                              <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                font-size:12pt; color:rgb(0,0,0)">
                                <a href="https://gist.github.com/robstradling/a5590b6a13218fe561dcb5d5c67932c5" moz-do-not-send="true">https://gist.github.com/robstradling/a5590b6a13218fe561dcb5d5c67932c5</a><br>
                              </div>
                              <div>
                                <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                  font-size:12pt; color:rgb(0,0,0)">
                                  <br>
                                </div>
                                <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                  font-size:12pt; color:rgb(0,0,0)">
                                  The four most popular choices are no
                                  surprise: RSA-2048, P-256, RSA-4096,
                                  and P-384.  openssl-blacklist covers
                                  RSA-2048 and RSA-4096, and ECC keys
                                  are implicitly not Debian weak keys.</div>
                                <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                  font-size:12pt; color:rgb(0,0,0)">
                                  <br>
                                </div>
                                <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                  font-size:12pt; color:rgb(0,0,0)">
                                  <span style="color:rgb(0,0,0);
                                    font-family:Calibri,Arial,Helvetica,sans-serif;
                                    font-size:12pt">Fifth most popular
                                    is RSA-3072, with over 3 million
                                    unexpired, publicly-trusted server
                                    certs.  openssl-blacklist doesn't
                                    cover RSA-3072, but ISTM that this
                                    is a key size that CAs will want to
                                    permit.</span><br>
                                </div>
                                <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                  font-size:12pt; color:rgb(0,0,0)">
                                  <span style="color:rgb(0,0,0);
                                    font-family:Calibri,Arial,Helvetica,sans-serif;
                                    font-size:12pt"><br>
                                  </span></div>
                                <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                  font-size:12pt; color:rgb(0,0,0)">
                                  Some of the lesser used key sizes are
                                  most likely due to Subscriber typos
                                  (e.g., 2408 and 3048 were probably
                                  intended to be 2048, 4048 was probably
                                  intended to be either 2048 or 4096,
                                  etc), but some of the other ones look
                                  like they were deliberately chosen
                                  (e.g., 2432 is 2048+384).  Is it worth
                                  generating Debian weak keys/blocklists
                                  for any of these key sizes?</div>
                                <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                  font-size:12pt; color:rgb(0,0,0)">
                                  <span style="color:rgb(0,0,0);
                                    font-family:Calibri,Arial,Helvetica,sans-serif;
                                    font-size:12pt"><br>
                                  </span></div>
                                <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                  font-size:12pt; color:rgb(0,0,0)">
                                  <span style="color:rgb(0,0,0);
                                    font-family:Calibri,Arial,Helvetica,sans-serif;
                                    font-size:12pt"><a href="https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf" moz-do-not-send="true">https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf</a> (Table
                                    4, p59) permits RSA-2048 until the
                                    end of 2030, whereas </span><a href="https://www.sogis.eu/documents/cc/crypto/SOGIS-Agreed-Cryptographic-Mechanisms-1.2.pdf" style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt" moz-do-not-send="true">https://www.sogis.eu/documents/cc/crypto/SOGIS-Agreed-Cryptographic-Mechanisms-1.2.pdf</a> permits
                                  RSA-2048 only until the end of 2025.
                                  It is of course possible that quantum
                                  computing will render RSA obsolete
                                  before Subscribers need to think about
                                  which larger RSA keysize they want to
                                  migrate to; however, it seems prudent
                                  to also plan for the possibility that
                                  RSA will survive and that some other
                                  RSA keysize(s) might become popular.</div>
                                <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                  font-size:12pt; color:rgb(0,0,0)">
                                  <br>
                                </div>
                                <hr tabindex="-1" style="display:inline-block;
                                  width:98%">
                                <div id="x_x_x_divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b>
                                    Servercert-wg
                                    <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg-bounces@cabforum.org" moz-do-not-send="true">
<servercert-wg-bounces@cabforum.org></a> on behalf of Rob
                                    Stradling via Servercert-wg
                                    <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true"><servercert-wg@cabforum.org></a><br>
                                    <b>Sent:</b> 06 January 2021 16:08<br>
                                    <b>To:</b> Jacob Hoffman-Andrews <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:jsha@letsencrypt.org" moz-do-not-send="true">
                                      <jsha@letsencrypt.org></a>;
                                    Christopher Kemmerer <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:chris@ssl.com" moz-do-not-send="true">
                                      <chris@ssl.com></a>; CA/B
                                    Forum Server Certificate WG Public
                                    Discussion List <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true">
                                      <servercert-wg@cabforum.org></a><br>
                                    <b>Subject:</b> Re: [Servercert-wg]
                                    SCXX Ballot proposal: Debian Weak
                                    keys</font>
                                  <div> </div>
                                </div>
                                <div dir="ltr">
                                  <br>
                                  <div>
                                    <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                      font-size:12pt; color:rgb(0,0,0)">
                                      <div style="margin:0px;
                                        font-size:12pt">Jacob wrote:</div>
                                      <div style="margin:0px;
                                        font-size:12pt">> Lastly, I
                                        think we should archive
                                        openssl-blacklist, and include
                                        in the BRs: "A CA may reject the
                                        full set of Debian weak keys by
                                        rejecting this superset of the
                                        Debian weak keys:</div>
                                      <div style="margin:0px;
                                        font-size:12pt">><br>
                                        <div>> - All RSA public keys
                                          with modulus lengths other
                                          than 2048 or 4096, and</div>
                                        <div>> - All RSA public keys
                                          with exponents other than
                                          65537, and</div>
                                        <div><br>
                                        </div>
                                        <div>Hi Jacob.  65537 (aka
                                          0x10001) is hard-coded here...</div>
                                        <div><span style="background-color:rgb(255,255,255);
                                            display:inline!important"><br>
                                          </span></div>
                                        <div><span style="background-color:rgb(255,255,255);
                                            display:inline!important"><a href="https://github.com/openssl/openssl/blob/OpenSSL_0_9_8f/apps/req.c#L768" moz-do-not-send="true">https://github.com/openssl/openssl/blob/OpenSSL_0_9_8f/apps/req.c#L768</a><br>
                                          </span></div>
                                        <div><br>
                                        </div>
                                        <div>Would it therefore be fair
                                          to say that keys with public
                                          exponents other than 65537 are
                                          implicitly
                                          <u>not</u> Debian weak keys?</div>
                                        <div><br>
                                        </div>
                                        > - All RSA public keys that
                                        are detected as vulnerable by
                                        the openssl-vulnkey program in
                                        the openssl-blacklist package
                                        version 0.5-3 (see addendum), or
                                        an equivalent program."</div>
                                    </div>
                                    <div>
                                      <div style="font-family:Calibri,Arial,Helvetica,sans-serif;
                                        font-size:12pt;
                                        color:rgb(0,0,0)">
                                        <br>
                                      </div>
                                      <hr tabindex="-1" style="display:inline-block;
                                        width:98%">
                                      <div id="x_x_x_x_divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" face="Calibri, sans-serif" color="#000000"><b>From:</b>
                                          Servercert-wg
                                          <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg-bounces@cabforum.org" moz-do-not-send="true">
<servercert-wg-bounces@cabforum.org></a> on behalf of Jacob
                                          Hoffman-Andrews via
                                          Servercert-wg
                                          <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true"><servercert-wg@cabforum.org></a><br>
                                          <b>Sent:</b> 12 December 2020
                                          02:21<br>
                                          <b>To:</b> Christopher
                                          Kemmerer <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:chris@ssl.com" moz-do-not-send="true">
                                            <chris@ssl.com></a>;
                                          CA/B Forum Server Certificate
                                          WG Public Discussion List <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org" moz-do-not-send="true">
<servercert-wg@cabforum.org></a><br>
                                          <b>Subject:</b> Re:
                                          [Servercert-wg] SCXX Ballot
                                          proposal: Debian Weak keys</font>
                                        <div> </div>
                                      </div>
                                      <div>
                                        <br>
                                        <div>
                                          <div dir="ltr">Thanks for your
                                            continued efforts to improve
                                            this part of the BRs! Let's
                                            Encrypt is in theory
                                            interested in endorsing, but
                                            I think it still needs a bit
                                            of work. Thanks for
                                            incorporating my most recent
                                            comments on endianness and
                                            word size vs 11 platforms.<br>
                                            <br>
                                            Goals: We want CAs to
                                            consistently not issue
                                            certificates for weak keys
                                            in general, and also in the
                                            specific case of Debian and
                                            ROCA keys. We want the
                                            definition of Debian and
                                            ROCA keys to be clear and
                                            actionable for as long as
                                            possible - say, at least
                                            twenty years.<br>
                                            <br>
                                            We have three ways to
                                            specify Debian and ROCA
                                            keys: With a list, with a
                                            tool, or with an algorithm*.
                                            The original revision of
                                            this ballot proposed to use
                                            a list (<a href="https://lists.cabforum.org/pipermail/servercert-wg/2020-April/001821.html" moz-do-not-send="true">https://lists.cabforum.org/pipermail/servercert-wg/2020-April/001821.html</a>).
                                            There were two objections:<br>
                                            <br>
                                             - The list
                                            (openssl-blacklist) is
                                            subject to change or
                                            removal.<br>
                                             - The list only covers 2048
                                            and 4096 bit keys.<br>
                                            <br>
                                            The current draft proposes
                                            specifying a tool for ROCA (<a href="https://github.com/crocs-muni/roca" moz-do-not-send="true">https://github.com/crocs-muni/roca</a>)
                                            and an algorithm for Debian
                                            keys.<br>
                                            <br>
                                            The ROCA tool is subject to
                                            change or removal, just like
                                            the openssl-blacklist
                                            package. I propose we
                                            instead specify ROCA
                                            detection in terms of the
                                            paper (<a href="https://crocs.fi.muni.cz/public/papers/rsa_ccs17" moz-do-not-send="true">https://crocs.fi.muni.cz/public/papers/rsa_ccs17</a>)
                                            and ask for permission from
                                            the authors to archive an
                                            unchanging copy as an
                                            addendum to the BRs.<br>
                                            <br>
                                            For Debian keys, what looks
                                            like an algorithm
                                            specification is actually a
                                            tool + algorithm
                                            specification. The tool is
                                            "OpenSSL 0.9.8c-1 up to
                                            versions before 0.9.8g-9 on
                                            Debian-based operating
                                            systems" (per CVE-2008-01666
                                            -
                                            <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3D2008-0166&data=04%7C01%7C%7Ce2b4b1c02cde4de101b308d91619376c%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637565120954433037%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=GCbLY7haF2aOY5C3Sa8qM61qnIeRq89%2BsIyWXf6dMPE%3D&reserved=0" originalsrc="https://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0166" shash="Gxy0OWy+obUWGZTThv40M/k6wxF48bbA6xwUion7MZWjiSaUydfqhPby56nH+/2Hhf8nufGPRR2HvlWgUTQ/hQ3WRRSmc/sgbm9z7t+jkeYGs2xGavD2xofarS6N0siVtz9bXbQvNWdyYlbmfy4SGeqrL599qHO2S3KSw7kSSRg=" moz-do-not-send="true">
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0166</a>). To ensure
                                            an unchanging copy of that,
                                            we should archive 3 copies
                                            of Debian, for the 3 word
                                            size + endianness
                                            combinations.<br>
                                            <br>
                                            The algorithm also needs an
                                            additional line: "v) using
                                            the command 'openssl req
                                            -nodes -subj / -newkey
                                            rsa:&lt;Public Key
                                            length&gt;'" (adapted from
                                            <a href="https://sources.debian.org/data/main/o/openssl-blacklist/0.5-3/examples/gen_certs.sh" moz-do-not-send="true">https://sources.debian.org/data/main/o/openssl-blacklist/0.5-3/examples/gen_certs.sh</a>).
                                            Other tools that linked
                                            OpenSSL, like openvpn and
                                            openssh, generated different
                                            sets of keys. We can include
                                            or exclude openvpn and
                                            openssh keys, but should
                                            thoroughly specify.<br>
                                            <br>
                                            Lastly, I think we should
                                            archive openssl-blacklist,
                                            and include in the BRs: "A
                                            CA may reject the full set
                                            of Debian weak keys by
                                            rejecting this superset of
                                            the Debian weak keys:<br>
                                            <br>
                                             - All RSA public keys with
                                            modulus lengths other than
                                            2048 or 4096, and<br>
                                             - All RSA public keys with
                                            exponents other than 65537,
                                            and<br>
                                             - All RSA public keys that
                                            are detected as vulnerable
                                            by the openssl-vulnkey
                                            program in the
                                            openssl-blacklist package
                                            version 0.5-3 (see
                                            addendum), or an equivalent
                                            program."<br>
                                            <br>
                                            My reasoning: Given the
                                            difficulty of correctly
                                            setting up old Debian
                                            versions and generating weak
                                            keys for sizes that are not
                                            part of openssl-blacklist, I
                                            expect most CAs will choose
                                            this path. Given that, we
                                            should just say what we
                                            mean: the pregenerated list
                                            is fine if you restrict key
                                            sizes, but you don't *have*
                                            to restrict key sizes, so
                                            long as you have an
                                            alternate method to ensure
                                            you're not issuing for
                                            Debian weak keys at other
                                            sizes.<br>
                                            <br>
                                            *I'm considering specifying
                                            an algorithm to be
                                            functionally equivalent to
                                            specifying an "outcome,"
                                            though I recognize this may
                                            be too hand-wavy.<br>
                                          </div>
                                        </div>
                                      </div>
                                    </div>
                                  </div>
                                </div>
                              </div>
                              <br>
                              <fieldset class="x_x_x_mimeAttachmentHeader"></fieldset>
                              <pre class="x_x_x_moz-quote-pre">_______________________________________________
Servercert-wg mailing list
<a class="x_x_x_moz-txt-link-abbreviated" href="mailto:Servercert-wg@cabforum.org" moz-do-not-send="true">Servercert-wg@cabforum.org</a>
<a class="x_x_x_moz-txt-link-freetext" href="https://lists.cabforum.org/mailman/listinfo/servercert-wg" moz-do-not-send="true">https://lists.cabforum.org/mailman/listinfo/servercert-wg</a>
</pre>
                            </blockquote>
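The three-part "superset" rule quoted in the message above, as an added example written for this page (it is not code from the ballot, from Let's Encrypt, or from the openssl-blacklist package): a CA-side check that rejects any RSA key whose modulus is not 2048 or 4096 bits, whose exponent is not 65537, or whose modulus fingerprint appears on a blocklist. The fingerprint derivation (SHA-1 over the `Modulus=&lt;HEX&gt;` line, keeping the last 20 hex digits) is modelled on how openssl-vulnkey is understood to work and is an assumption here; the moduli and the blocklist contents are constructed.

```python
import hashlib

# Policy constants from the proposed BR text: the superset a CA may reject.
ALLOWED_MODULUS_BITS = {2048, 4096}
ALLOWED_EXPONENT = 65537


def blocklist_fingerprint(n: int) -> str:
    """Fingerprint of an RSA modulus in the style of openssl-vulnkey.

    Assumption: SHA-1 over the 'Modulus=<HEX>\\n' line that
    'openssl rsa -noout -modulus' prints, keeping the last 20 hex digits.
    """
    line = "Modulus=%X\n" % n
    return hashlib.sha1(line.encode("ascii")).hexdigest()[20:]


def classify_rsa_key(n: int, e: int, blocklist: set) -> str:
    """Return 'accept' or a rejection reason for RSA public key (n, e)."""
    bits = n.bit_length()
    if bits not in ALLOWED_MODULUS_BITS:
        return "reject: modulus length %d not in %s" % (
            bits, sorted(ALLOWED_MODULUS_BITS))
    if e != ALLOWED_EXPONENT:
        return "reject: exponent %d is not 65537" % e
    if blocklist_fingerprint(n) in blocklist:
        return "reject: modulus fingerprint on Debian weak-key blocklist"
    return "accept"


# Constructed sample moduli (not real keys): the top bit is set so the
# bit length is exact, and the low word keeps them odd.
N_2048 = (1 << 2047) | 0x12345679      # constructed, 2048 bits
N_3072 = (1 << 3071) | 0x9ABCDEF1      # constructed, 3072 bits
N_BLOCKED = (1 << 2047) | 0xDEADBEEF   # constructed, 2048 bits

# Constructed stand-in for blacklist.RSA-2048 from openssl-blacklist 0.5-3,
# containing only N_BLOCKED's fingerprint.
SAMPLE_BLOCKLIST = {blocklist_fingerprint(N_BLOCKED)}


def run_samples() -> dict:
    """Exercise each branch of the rule on the constructed keys."""
    return {
        "ok": classify_rsa_key(N_2048, 65537, SAMPLE_BLOCKLIST),
        "size": classify_rsa_key(N_3072, 65537, SAMPLE_BLOCKLIST),
        "exp": classify_rsa_key(N_2048, 3, SAMPLE_BLOCKLIST),
        "blocked": classify_rsa_key(N_BLOCKED, 65537, SAMPLE_BLOCKLIST),
    }


if __name__ == "__main__":
    for name, verdict in run_samples().items():
        print(name, "->", verdict)
```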
                            <br>
                          </div>
                        </div>
                      </div>
                    </blockquote>
                    <br>
                  </div>
                </div>
              </div>
            </blockquote>
          </div>
        </div>
      </div>
    </blockquote>
  </body>
</html>