<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Hi Christopher.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
> We would still like to determine the best way to direct CAs to the weak key populations assembled through the work of yourself and HARICA.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Here's my suggestion...</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Change...</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<i>"b) In the case of Debian weak keys (https://wiki.debian.org/SSLkeys), the CA SHALL reject at least keys generated by the flawed OpenSSL version with the combination of the following parameters:"</i></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
...to...</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<i>"<span style="background-color:rgb(255,255,255); display:inline!important">b) In the case of Debian weak keys (https://wiki.debian.org/SSLkeys), the CA SHALL reject at least keys generated by the flawed OpenSSL version with the combination of the parameters
listed in section 6.1.1.4."</span></i></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Move the list of parameters (<i>"i) Big-endian 32-bit...random file state"</i>) into a new section 6.1.1.4, entitled
<i>"Debian weak keys (CVE-2008-0166)"</i>.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
At the end of the new section 6.1.1.4, add this text...</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<i>"These are some suggested tools that CAs MAY use to obtain lists of Debian weak keys:</i></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<i> - <a href="https://github.com/CVE-2008-0166">https://github.com/CVE-2008-0166</a> provides a generator, for the complete set of parameters listed above, that runs on any <span style="color:rgb(0,0,0); font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt">modern
64-bit Linux system; it also provides complete sets of pregenerated keys for the most common RSA key sizes.</span></i></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<i><span style="color:rgb(0,0,0); font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt"> - <a href="https://github.com/HARICA-official/debian-weak-keys">https://github.com/HARICA-official/debian-weak-keys</a> provides a generator, for a subset of
the parameters listed above, that can take advantage of a computer cluster."</span></i></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
> We believe this proposal offers clearer guidance on this matter than the current BR language, and is an opportunity to make an ecosystem-wide improvement in CA practices.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
I agree. I'd be happy to endorse.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
> (NOTE: Edited per RS suggestion, updated version number to 1.7.9, but still currently directs to debian.org resource)<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
I think it's still valuable to mention <a href="https://wiki.debian.org/SSLkeys" style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt">https://wiki.debian.org/SSLkeys</a>.</div>
<div>
<div id="appendonsend"></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> Christopher Kemmerer <chris@ssl.com><br>
<b>Sent:</b> 18 August 2021 22:37<br>
<b>To:</b> Rob Stradling <rob@sectigo.com>; Dimitris Zacharopoulos (HARICA) <dzacharo@harica.gr>; CA/B Forum Server Certificate WG Public Discussion List <servercert-wg@cabforum.org>; Jacob Hoffman-Andrews <jsha@letsencrypt.org><br>
<b>Subject:</b> Re: [Servercert-wg] SCXX Ballot proposal: Debian Weak keys</font>
<div> </div>
</div>
<div>
<p style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px">
</p>
<div style="background-color:#FAFA03; width:100%; border-style:solid; border-color:#000000; border-width:1pt; padding:2pt; font-size:10pt; line-height:12pt; font-family:'Calibri'; color:Black; text-align:left">
<span style="color:000000">CAUTION:</span> This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.</div>
<br>
<p style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px">
</p>
<div>
<p style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px">
Hello Rob,<br>
<br>
Thanks for the useful suggestion. We've amended our proposed ballot language accordingly.<br>
<br>
We would still like to determine the best way to direct CAs to the weak key populations assembled through the work of yourself and HARICA.<br>
<br>
On the broader question of how to proceed, we see three options for community consideration:<br>
<br>
- Carry forward with this proposed ballot;<br>
- Consider adding this language to a future cleanup ballot; or<br>
- Declaring that current language and guidance are sufficient.<br>
<br>
To recap, the ur-issue is itself from 2006-2008, our initial request for input on this matter was made in April 2020 and this ballot language has been under (sporadic) discussion since December 2020. Given the narrow focus of the issue itself, this could certainly
be considered a low priority, and thus wrapped into a future cleanup ballot (rather than undergoing a separate ballot procedure).<br>
<br>
However, we note that the impetus for this ballot discussion was failure of a publicly-trusted CA to prevent issuance of a certificate using a Debian weak key in March 2020. We aim to ensure this doesn't happen again by clear delineation of expected practices
(and direction to appropriate resources) in our Baseline Requirements.<br>
<br>
We believe this proposal offers clearer guidance on this matter than the current BR language, and is an opportunity to make an ecosystem-wide improvement in CA practices.<br>
<br>
We hope to discuss this in our regular call and very much welcome community input.<br>
<br>
Regards,<br>
<br>
Chris K<br>
<br>
=====<br>
<br>
SCXX Ballot proposal: Debian Weak keys<br>
<br>
(NOTE: Edited per RS suggestion, updated version number to 1.7.9, but still currently directs to debian.org resource)<br>
<br>
=====<br>
<br>
--- Motion Begins --- <br>
<br>
This ballot modifies the “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates” as follows, based on Version 1.7.9:
<br>
<br>
Proposed ballot language: <br>
<br>
4.9.1.1 Reasons for Revoking a Subscriber Certificate <br>
<br>
Replace: <br>
<br>
4. The CA is made aware of a demonstrated or proven method that can easily compute the Subscriber’s Private Key based on the Public Key in the Certificate (such as a Debian weak key, see
<a class="x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.debian.org%2FSSLkeys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427569064%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=m74Sjypff4KqXQuZUrdozdOB8N9TmwCh%2F%2BzJpjUwl9w%3D&reserved=0" originalsrc="https://wiki.debian.org/SSLkeys" shash="zyKvzgpoEMe8FlzBWyiV8J+IPO3p2v1UVTKO87R5C/fz89ecgIUwEIpJuj8rmq2RAXbfV1CxlnaioauWQHOW+7qgWx7aQTMzM8x6eTwjxQGE7qZukpo6Gz/kss6M3yI4FZLs7A75dzlEI9wsheRT7XQzWuO67UbJYmzeOUCSZ84=">
https://wiki.debian.org/SSLkeys</a>) <br>
<br>
With: <br>
<br>
4. The CA is made aware of a demonstrated or proven method that can easily compute the Subscriber’s Private Key (such as those identified in 6.1.1.3(4)).
<br>
<br>
--- <br>
<br>
6.1.1.3. Subscriber Key Pair Generation <br>
<br>
Replace: <br>
<br>
The CA SHALL reject a certificate request if one or more of the following conditions are met:
<br>
<br>
1. The Key Pair does not meet the requirements set forth in Section 6.1.5 and/or Section 6.1.6;
<br>
<br>
2. There is clear evidence that the specific method used to generate the Private Key was flawed;
<br>
<br>
3. The CA is aware of a demonstrated or proven method that exposes the Applicant's Private Key to compromise;
<br>
<br>
4. The CA has previously been made aware that the Applicant's Private Key has suffered a Key Compromise, such as through the provisions of Section 4.9.1.1;
<br>
<br>
5. The CA is aware of a demonstrated or proven method to easily compute the Applicant's Private Key based on the Public Key (such as a Debian weak key, see
<a class="x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.debian.org%2FSSLkeys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427569064%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=m74Sjypff4KqXQuZUrdozdOB8N9TmwCh%2F%2BzJpjUwl9w%3D&reserved=0" originalsrc="https://wiki.debian.org/SSLkeys" shash="zyKvzgpoEMe8FlzBWyiV8J+IPO3p2v1UVTKO87R5C/fz89ecgIUwEIpJuj8rmq2RAXbfV1CxlnaioauWQHOW+7qgWx7aQTMzM8x6eTwjxQGE7qZukpo6Gz/kss6M3yI4FZLs7A75dzlEI9wsheRT7XQzWuO67UbJYmzeOUCSZ84=">
https://wiki.debian.org/SSLkeys</a>). <br>
<br>
With: <br>
<br>
The CA SHALL reject a certificate request if one or more of the following occurs:
<br>
<br>
1) The requested Public Key does not meet the requirements set forth in Sections 6.1.5 and/or 6.1.6;
<br>
<br>
2) The CA is aware of a demonstrated or proven method that exposes the Subscriber's Private Key to compromise;
<br>
<br>
3) The CA has previously been made aware that the Subscriber's Private Key has suffered a Key Compromise, such as through the provisions of Section 4.9.1.1;
<br>
<br>
4) The Public Key corresponds to an industry demonstrated weak Private Key, in particular:
<br>
<br>
a) In the case of ROCA vulnerability, the CA SHALL reject keys identified by the tools available at
<a class="x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcrocs-muni%2Froca&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427579016%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=AEwR7%2BOcyMNbJ5kqWebySDmtRO2PqoIFELJc4BD7ESA%3D&reserved=0" originalsrc="https://github.com/crocs-muni/roca" shash="UdzD2+YsWMHkcre0TemZW494+PPh0qnraicnpXBaiXvOZ1ttCFYmmd3TG/ZlPItMQqf1BEm/yPueMdhpbSmLmIdKgD5xlpy6LhjqZQv/AxEDYiP8NeJ85hHMDJX1GlraQ9qtN6EYW/EwM+ncBrCcAgrG2OKDoFJNVRioXRILOcQ=">
https://github.com/crocs-muni/roca</a> or equivalent. <br>
<br>
b) In the case of Debian weak keys (<a class="x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.debian.org%2FSSLkeys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427579016%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=WPJ6yy8T0U3kPKwISrWNjJDP5rIgwcVr6ZsSXAQEYsk%3D&reserved=0" originalsrc="https://wiki.debian.org/SSLkeys" shash="PtbzRLD2l47IK3+tjUIs/TeILFz+UYaIQmKJzFbPt4OE2dk7rf51CPQW4/quuAdu2xAlBF6H2el5dHX21PwCT5iofZTyDKTQSucrBajk1R8kM9SlL5h4BxPRX0h9iaOQoX+BogVGjKpY3O4OTLpKa59u7JBqJr8NGO0TSd/oFyk=">https://wiki.debian.org/SSLkeys</a>),
the CA SHALL reject at least keys generated by the flawed OpenSSL version with the combination of the following parameters:
<br>
<br>
i) Big-endian 32-bit, little-endian 32-bit, and little-endian 64-bit architecture;
<br>
<br>
ii) Process ID of 0 to 32767, inclusive; <br>
<br>
iii) All RSA Public Key lengths supported by the CA; <br>
<br>
iv) rnd, nornd, and noreadrnd OpenSSL random file state.<br>
<br>
--- Motion Ends --- <br>
<br>
=====<br>
<br>
</p>
<div class="x_moz-cite-prefix">On 5/13/2021 9:42 AM, Rob Stradling wrote:<br>
</div>
<blockquote type="cite">
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<span style="color:rgb(0,0,0); font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt">> </span><span style="color:rgb(0,0,0); font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt">iii) All RSA Public Key lengths supported by the CA up to
and including 4096 bits;</span><br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
> ...</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
> For Debian weak keys not covered above, the CA SHALL take actions to minimize the probability of certificate issuance.
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Hi Christopher. What sort of "actions" are envisaged here? If a CA is processing a certificate request that contains a (for example) RSA-4088 public key (i.e., a key size not covered by an available Debian weak list), either the CA is going to issue the cert
or they're not. What, concretely, does "minimize the probability of certificate issuance" actually mean?</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Why not remove that "SHALL" sentence and change point iii to: "<span style="background-color:rgb(255,255,255); display:inline!important">iii) All RSA Public Key lengths supported by the CA." ?</span></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
BTW, in case it helps, I'm about half way through generating a full set of RSA-8192 Debian weak keys, which (when complete) I'll add to the
<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FCVE-2008-0166&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427579016%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=4KW%2B7pMSqy83ufpoU3K3ArV76KZGerZuKn%2FDPUQzH00%3D&reserved=0" originalsrc="https://github.com/CVE-2008-0166" shash="JQJiFCGmWqE+r5+bzBZtLBF5tKBUh7MKNdwByzKLjf3CVq2PT7DPYlLrlTobZKVZ5Qp3R98RsVMsLeKiMLM88kq5ae+OIyErZE6xbYOPlw/tr+AVt1tGh1ISyxWstjDZpiyWlCg0Xk4twLA7dUXP85QSe+9jLh1wdjGDtyfJFMc=">
https://github.com/CVE-2008-0166</a> repositories.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="x_divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> Christopher Kemmerer
<a class="x_moz-txt-link-rfc2396E" href="mailto:chris@ssl.com"><chris@ssl.com></a><br>
<b>Sent:</b> 13 May 2021 15:12<br>
<b>To:</b> Rob Stradling <a class="x_moz-txt-link-rfc2396E" href="mailto:rob@sectigo.com">
<rob@sectigo.com></a>; Dimitris Zacharopoulos (HARICA) <a class="x_moz-txt-link-rfc2396E" href="mailto:dzacharo@harica.gr">
<dzacharo@harica.gr></a>; CA/B Forum Server Certificate WG Public Discussion List
<a class="x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org"><servercert-wg@cabforum.org></a>; Jacob Hoffman-Andrews
<a class="x_moz-txt-link-rfc2396E" href="mailto:jsha@letsencrypt.org"><jsha@letsencrypt.org></a><br>
<b>Subject:</b> Re: [Servercert-wg] SCXX Ballot proposal: Debian Weak keys</font>
<div> </div>
</div>
<div>
<div style="background-color:#FAFA03; width:100%; border-style:solid; border-color:#000000; border-width:1pt; padding:2pt; font-size:10pt; line-height:12pt; font-family:'Calibri'; color:Black; text-align:left">
<span style="color:000000">CAUTION:</span> This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.</div>
<br>
<div>
<div class="x_x_OutlineElement x_x_Ltr x_x_BCX2 x_x_SCXW100400534" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">Hello,</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
<br>
</span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_BCX2 x_x_SCXW100400534" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">We deeply appreciate
the useful discussion in this thread regarding this issue. We especially applaud the efforts of HARICA and
</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SpellingErrorV2 x_x_SCXW100400534 x_x_BCX2">Sectigo</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
to independently generate more comprehensive lists of potentially affected Debian weak keys. As Rob Stradling observed through his crt.sh research (20210107,
<a class="x_x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgist.github.com%2Frobstradling%2Fa5590b6a13218fe561dcb5d5c67932c5&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427588972%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=n08L%2Bixwwtr4CPIVRKVN4hFbUQBCY9Hn1rMxDbr4fxE%3D&reserved=0" originalsrc="https://gist.github.com/robstradling/a5590b6a13218fe561dcb5d5c67932c5" shash="s8nsSA5S5W2bQPIlhPTBo6GL0Q8ChKuMXKLNHhOuer7O5Su2/f3NfO13xRh1t9LpPTCl07iZPR5USeAj25h5/yb5fNBs9Ej6uuTs2qKXzIkCZL6amnkH1EPa2s/4Qv2XdiLAN0SCfT1Ls8T62my3+gWFPvp1ysomw8M99M664IU=">
https://gist.github.com/robstradling/a5590b6a13218fe561dcb5d5c67932c5</a>) of the five most utilized algorithm/key size populations, two are ECC (so not impacted by the Debian weak key issue) and three are RSA (</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">2048,
4096, and 3072 bit</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
length, in that order).</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
<br>
</span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">As of their
most recent messages it appears that these two organizations have independently generated comprehensive lists identifying all RSA-</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">2048
and -4096 bit</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
length keys. (We </span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">understand</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
RSA-3072 length keys</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
are also </span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">available</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">.)
This offers the possibility that complete lists, if accepted as authoritative, could be accessed by the community to help prevent exploitation of this vulnerability.</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
<br>
</span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">It was also
noted (by the representative from </span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">Let's</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
Encrypt) that the ROCA vulnerability is presently identified through use of a tool supported externally. It was suggested that this resource be archived in a manner that ensures availability. (Our proposed language points to "<a class="x_x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcrocs-muni%2F&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427588972%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=N6HcZbwZZTdkY5lknnq8deftRy5neQ%2BIISeDzJQzxNs%3D&reserved=0" originalsrc="https://github.com/crocs-muni/" shash="nBg4z5ng+a8NF282+gGF1ChtqHECoem+q164m25YLUR33nMNXeLBx5L57+UmjMrAlI+GSD8fMs2LTpdGIKyDmkBeO+x1Cz/9J5l8bZkXI29eHNrKG6VlYEo5mMx18O3on/fBr1o6ICkY9F/YV0mlMXszrrnoQwkKtBXakuue7s8=">https://github.com/crocs-muni/</a></span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SpellingErrorV2 x_x_SCXW100400534 x_x_BCX2">roca</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
or equivalent.")</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
<br>
</span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">We think our
present ballot language (reproduced at the end of this message) provides appropriately focused guidance to CAs. If available,
</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">we'd</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
certainly like to also see the HARICA/</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SpellingErrorV2 x_x_SCXW100400534 x_x_BCX2">Sectigo</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
lists (which CAs could use for the majority of Debian weak key use cases) captured somewhere in this ballot language. We are agnostic as to 1) where exactly these resources might be maintained and 2) where this ballot places directions to these resources -
an annex to the current requirements, a separate CA/BF guidance document or within Sections 4.9.1.1/6.1.1.3.</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
<br>
</span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">Our intent is
to ensure that 1) clear, accurate guidance on CA expectations is provided and 2) any resources assisting CAs in meeting these expectations are fully described, publicly available (somewhere) and with reliable links provided. The language below, we feel, meets
the first requirement. </span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">We'd</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
appreciate input on how to best meet the second. (Note that SSL.com would be happy to support the community by hosting any of these as
</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">publicly
accessible</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
resources, whether solo or alongside other organizations.)</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
<br>
</span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">Chris K</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">SSL.com</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
<br>
</span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">=====</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">--- Motion Begins
---</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">This ballot
modifies the “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates” as follows, based on Version 1.7.</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">4</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">:</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">Proposed ballot
language:</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif; font-weight:bold"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">4.9.1.1
Reasons for Revoking a Subscriber Certificate</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">Replace:</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">4. The CA is
made aware of a demonstrated or proven method that can easily compute the Subscriber’s Private Key based on the Public Key in the Certificate (such as a Debian weak key, see
<a class="x_x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.debian.org%2FSSLkeys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427588972%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=iWW%2BuEA9mcbJeC2ib%2BCqL9kX37UmbZc8vmwedxXYPVk%3D&reserved=0" originalsrc="https://wiki.debian.org/SSLkeys" shash="B4A31WY6KsxOB/QmLgLJ3P0ylCZbrChlRER1sIC4uhc49GXegw2CQXzRsnG3u8FFHEUAcArG9B/yMPU2FxMiwm73deSZwlmQU3Je9eImjpcp19Y47poC9exx/cMfxhb8WrS66XYXBIaav9btOUpWKs2F/LUEGuoiD3n9IKraf4Q=">
https://wiki.debian.org/SSLkeys</a>)</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">With:</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">4. The CA is
made aware of a demonstrated or proven method that can easily compute the Subscriber’s Private Key (such as those identified in 6.1.1.3(4)).</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">---</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif; font-weight:bold"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">6.1.1.3.
Subscriber Key Pair Generation</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">Replace:</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">The CA SHALL
reject a certificate request if one or more of the following conditions are met:</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">1. The Key Pair
does not meet the requirements set forth in Section 6.1.5 and/or Section </span>
</span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">6.1.6;</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">2. There is
clear evidence that the specific method used to generate the Private Key was </span>
</span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">flawed;</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">3. The CA is
aware of a demonstrated or proven method that exposes the Applicant's Private Key to
</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">compromise;</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">4. The CA has
previously been made aware that the Applicant's Private Key has suffered a Key Compromise, such as through the provisions of Section
</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">4.9.1.1;</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">5. The CA is
aware of a demonstrated or proven method to easily compute the Applicant's Private Key based on the Public Key (such as a Debian weak key, see
<a class="x_x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.debian.org%2FSSLkeys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427598936%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Ew6NrifPP7aQ%2FpipZPoaVpAbG7f86rD3GNVxH3pXtyo%3D&reserved=0" originalsrc="https://wiki.debian.org/SSLkeys" shash="r60gR2uFrUYf8aJQ12oPkB4Gzf/lQee8Q16Rca6KqIdHdNtWI/3oo9ABWGs8lJpNi1vTkDXA5baLtshiLFjAQi+V9Fd/Hoe8AY4LneGipy6nfGjYClbZZbPiGFMm9MJsAzicy16ytJqFE9XD2c1QCVVSt4zJWbCPahyMQ7wNlZs=">
https://wiki.debian.org/SSLkeys</a>).</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">With:</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">The CA SHALL
reject a certificate request if one or more of the following occurs:</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">1) The requested
Public Key does not meet the requirements set forth in Sections 6.1.5 and/or </span>
</span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">6.1.6;</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">2) The CA is
aware of a demonstrated or proven method that exposes the Subscriber's Private Key to
</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">compromise;</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">3) The CA has
previously been made aware that the Subscriber's Private Key has suffered a Key Compromise, such as through the provisions of Section
</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">4.9.1.1;</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">4) The Public
Key corresponds to an industry demonstrated weak Private Key, in particular:</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">a) In the case
of ROCA vulnerability, the CA SHALL reject keys identified by the tools available at
<a class="x_x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcrocs-muni%2Froca&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427598936%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=zqHEv702oWQ2YA9BB57%2F9QtaMb1FIrSqe5ErCKo83e0%3D&reserved=0" originalsrc="https://github.com/crocs-muni/roca" shash="mTPmPKvLjjBLkvmD4lK/NCybeaj2II6sZdOxdjiL0h7H4oT6cCeprOsE3UoUOeqVLqmWiPaAWSkQGz2Op9R7VqaCeA880bWWS8n/z5cpAogjP5u7BH4XmTpJ4yO0IyotWWoTIA2uqJ3e3JuwcTCnUCe8LUaIXi5G5/HYtwRsJtc=">
https://github.com/crocs-muni/roca</a> or equivalent.</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">b) In the case
of Debian weak keys (<a class="x_x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwiki.debian.org%2FSSLkeys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427608887%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Vf3oSwAp6t5ogXcgdDaIoXh7GRNnMuMye0oAB3t44vE%3D&reserved=0" originalsrc="https://wiki.debian.org/SSLkeys" shash="cD8eTqMCVB7igmOFtguZPI2uTl0tSi1bEEY0+1xZZK8DnV03vQO1k+tYKF2SXV3NVGxzAU1IcLdqkdBH0CLVZNPhMUB2+Dk7TGNVljVj6NmYnf4ES+2mbbMIEfl8PUjgxhUsMiuiHfKPosV5dYNC6CbzVtbNAmmnO3t8cjaxyS8=">https://wiki.debian.org/SSLkeys</a>),
the CA SHALL reject at least keys generated by the flawed OpenSSL version with the combination of the following parameters:</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SpellingErrorV2 x_x_SCXW100400534 x_x_BCX2">i</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">)
Big-endian 32-bit, little-endian 32-bit, and little-endian 64-bit </span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">architecture;</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">ii) Process
ID of 0 to 32767, </span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">inclusive;</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">iii) All RSA
Public Key lengths supported by the CA up to and including 4096 </span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_ContextualSpellingAndGrammarErrorV2 x_x_SCXW100400534 x_x_BCX2">bits;</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">iv)
</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SpellingErrorV2 x_x_SCXW100400534 x_x_BCX2">rnd</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">,
</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SpellingErrorV2 x_x_SCXW100400534 x_x_BCX2">nornd</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">,
and </span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SpellingErrorV2 x_x_SCXW100400534 x_x_BCX2">noreadrnd</span></span><span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">
OpenSSL random file state.</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">For Debian weak
keys not covered above, the CA SHALL take actions to minimize the probability of certificate issuance.</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2"></span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"> </span></p>
</div>
<div class="x_x_OutlineElement x_x_Ltr x_x_SCXW100400534 x_x_BCX2" style="direction:ltr">
<p class="x_x_Paragraph x_x_SCXW100400534 x_x_BCX2" style="margin-top: 0px; margin-bottom: 0px;margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; margin-top:0px; margin-bottom:0px; font-weight:normal; font-style:normal; vertical-align:baseline; background-color:transparent; color:windowtext; text-align:left; margin-left:0px; margin-right:0px; padding-left:0px; padding-right:0px; text-indent:0px">
<span class="x_x_TextRun x_x_SCXW100400534 x_x_BCX2" lang="EN-US" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><span class="x_x_NormalTextRun x_x_SCXW100400534 x_x_BCX2">--- Motion Ends
---</span></span><span class="x_x_EOP x_x_SCXW100400534 x_x_BCX2" style="font-size:11pt; line-height:19.425px; font-family:Calibri,Calibri_EmbeddedFont,Calibri_MSFontService,sans-serif"><br>
</span></p>
</div>
<div class="x_x_moz-cite-prefix">On 1/18/2021 3:34 PM, Rob Stradling wrote:<br>
</div>
<blockquote type="cite">
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
> I'm mid-way through generating the RSA-4096 keys.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
The RSA-4096 private keys and blocklists are now in <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FCVE-2008-0166%2Fprivate_keys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427608887%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=0znFAjKLax7sMw9zd1dVNwocZ1JRxKXOiLvAzs4vu5I%3D&reserved=0" originalsrc="https://github.com/CVE-2008-0166/private_keys" shash="aPBqKEPnHic8CrzVJJ7Y4a0J24bHRv4bj4Hsd+/AWbzt42sU4rmhoQusnl1YxDtl6egmpamOiSnV/LAdJ8WLL+2KyVr4pd9QK7K769hhkIMhyi62zzHaIy37o7OZg3kkRbBFQdRGwQvo8QagrpC6+a+RTnzM+lWG+XKzlEJcLAU=">
https://github.com/CVE-2008-0166/private_keys</a> and <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FCVE-2008-0166%2Fopenssl_blocklists&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427608887%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=NOXBe3t1dfJTyboeg%2BFKYZepK%2Fuu84FH5%2BL0P3gQelU%3D&reserved=0" originalsrc="https://github.com/CVE-2008-0166/openssl_blocklists" shash="rrzJxVRA0RUx9aOhJ0LZvzrfmcWNR1HBvlvpLgs/hWnLkQwgiysGBdPiyZHS/I3sP87TXgzRagAj+CPPcZ802AKMC70v0xGX+u28VokEDFVUguwfQfjF5U/F4pNkOkjYbvYMYqU9+wZsGWDMxBxmnL8/2719IFnhyrMtSkMQExw=">
https://github.com/CVE-2008-0166/openssl_blocklists</a>.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
The RSA-2048 and RSA-4096 private keys in <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FHARICA-official%2Fdebian-weak-keys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427618846%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Dhqfdr2dGsccIDXxzX8W3swXYMfkuSdEyofm8IrY6w0%3D&reserved=0" originalsrc="https://github.com/HARICA-official/debian-weak-keys" shash="CXK4GZWSWLk7WqwD2PAJtwq4+iDhxnFwjQcuosJpCqH9iBfXM+HgqFcDz+93jy75ET00tS42/bYqE1g+NxFJHwbSC8jPAyWHbTAPjKSqOkhQ69lK86nx3Hy63ndaSvTkiipOMBisV7OJ1a+Akfo/hIl8z9EYWcEo2wIyBTHxCXM=">https://github.com/HARICA-official/debian-weak-keys</a> (which
only covers 2 of the 3 word size / endianness combinations) are identical to the equivalents in <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FCVE-2008-0166%2Fprivate_keys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427618846%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=4jGuws7jDh%2FSA0tNHNwYP6WoSL2YHeJsgmNB43el4kw%3D&reserved=0" originalsrc="https://github.com/CVE-2008-0166/private_keys" shash="OJz5mItiQ/GOyx73Nb9JBQNFYjANO9WQpP5vWqdC3MMHePV360Kw9nN5hL7iP2D3PT+GEGhiVUDT/c+zBkUS+RfmZHlrRn7RGChmMW5984YlBs2Hh3Wa7moBZqYAiC9jQ0Zi/wTn3D02xf2y6wxO1BjXZ3frPbYLABsSGl9+6gE=">https://github.com/CVE-2008-0166/private_keys</a>.</div>
<div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="x_x_divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> Dimitris Zacharopoulos (HARICA)
<a class="x_x_moz-txt-link-rfc2396E" href="mailto:dzacharo@harica.gr"><dzacharo@harica.gr></a><br>
<b>Sent:</b> 14 January 2021 18:39<br>
<b>To:</b> Rob Stradling <a class="x_x_moz-txt-link-rfc2396E" href="mailto:rob@sectigo.com">
<rob@sectigo.com></a>; CA/B Forum Server Certificate WG Public Discussion List <a class="x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org">
<servercert-wg@cabforum.org></a>; Jacob Hoffman-Andrews <a class="x_x_moz-txt-link-rfc2396E" href="mailto:jsha@letsencrypt.org">
<jsha@letsencrypt.org></a>; Christopher Kemmerer <a class="x_x_moz-txt-link-rfc2396E" href="mailto:chris@ssl.com">
<chris@ssl.com></a><br>
<b>Subject:</b> Re: [Servercert-wg] SCXX Ballot proposal: Debian Weak keys</font>
<div> </div>
</div>
<div>
<div style="background-color:#FAFA03; width:100%; border-style:solid; border-color:#000000; border-width:1pt; padding:2pt; font-size:10pt; line-height:12pt; font-family:'Calibri'; color:Black; text-align:left">
<span style="color:000000">CAUTION:</span> This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.</div>
<br>
<div><br>
<br>
<div class="x_x_x_moz-cite-prefix">On 14/1/2021 12:30 π.μ., Rob Stradling wrote:<br>
</div>
<blockquote type="cite">
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Thanks Dmitris.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
So far I've generated the RSA-2048 and RSA-3072 keys using <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FCVE-2008-0166%2Fkey_generator&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427618846%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=X%2FYscZuPRVGJL8QEL20esewX8EBq2XmujevGMoNyc5k%3D&reserved=0" originalsrc="https://github.com/CVE-2008-0166/key_generator" shash="P+jKy9j5pAs3WJiVd9ttemV0jnK/mGZsr9KQLpVK4qIbVU00b5vI5W6Jxrk1by8Cm1mToRDsPTqtpO7/YMauV4aGflRqEjIoJCkLA5M2+5pusObvB1FpMZMpJly30nyYHxydJfvddLGGSDIZz3U3aQyiYLVfFpLDNjMWoymK8NI=">
https://github.com/CVE-2008-0166/key_generator</a> and uploaded them to <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FCVE-2008-0166%2Fprivate_keys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427628804%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=M9YAvqYsZBsy7ylSBD2PRWn5FD%2B5e0mAW3g09%2F%2Fi01Q%3D&reserved=0" originalsrc="https://github.com/CVE-2008-0166/private_keys" shash="Im9gvfNYoqQQMjqVWylHqBlhEivrI2OZAC4BMngSS/+no9wmT3mgvW8+y0vDx2PpBgHYiXiGPFkavrlca4wM/HNBs9iyP2iMH/2LHR69ijoxZOFTkrQTjfsOVilrqUuO3fGUT8onJx1I+E+mpAEVvscB94wZkqvLp0G38sQi6Mo=">
https://github.com/CVE-2008-0166/private_keys</a>, and I've generated the corresponding blocklists and uploaded them to
<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FCVE-2008-0166%2Fopenssl_blocklists&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427628804%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=qs90ivAJks%2BHIgRFMo7waVR06sAfeOnVy%2Fd3uvhZwBc%3D&reserved=0" originalsrc="https://github.com/CVE-2008-0166/openssl_blocklists" shash="HDhFFUrP2bb3cJcc838MqzbZC5Ga0B1c1lKCV67KT0Sw2UxkYk2K+jQAXNjDd970brHjdQoZanO5swH1dQbycxAcaaxyQahcrBHoJUnfCtfpY5YER/xpDsAPLR716CA1Zl/8TmlKMVNTyz7zn6wQskVkylW5j6441HzxufdKQFE=">
https://github.com/CVE-2008-0166/openssl_blocklists</a>. My RSA-2048 blocklists exactly match the ones from the original Debian openssl-blacklist package.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
I'm mid-way through generating the RSA-4096 keys.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Let's compare keys when we're both done. <span id="x_x_x_🙂">🙂</span></div>
</blockquote>
<br>
Certainly :-) the RSA-2048 keys already match the fingerprints from the openssl-blacklist Debian package.<br>
<br>
We did this work several months ago but never found the time to make it publicly available. We managed to break down the big task and run jobs in parallel which made things a bit more interesting.<br>
<br>
It's nice we did this independently, I guess it increases the accuracy level of the resulted keys :)<br>
<br>
<br>
Cheers,<br>
Dimitris.<br>
<br>
<blockquote type="cite">
<div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="x_x_x_divRplyFwdMsg" dir="ltr"><font face="Calibri,
sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> Dimitris Zacharopoulos (HARICA)
<a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:dzacharo@harica.gr"><dzacharo@harica.gr></a><br>
<b>Sent:</b> 13 January 2021 21:49<br>
<b>To:</b> Rob Stradling <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:rob@sectigo.com">
<rob@sectigo.com></a>; CA/B Forum Server Certificate WG Public Discussion List <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org">
<servercert-wg@cabforum.org></a>; Jacob Hoffman-Andrews <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:jsha@letsencrypt.org">
<jsha@letsencrypt.org></a>; Christopher Kemmerer <a class="x_x_x_moz-txt-link-rfc2396E" href="mailto:chris@ssl.com">
<chris@ssl.com></a><br>
<b>Subject:</b> Re: [Servercert-wg] SCXX Ballot proposal: Debian Weak keys</font>
<div> </div>
</div>
<div>
<div style="background-color:#FAFA03; width:100%; border-style:solid; border-color:#000000; border-width:1pt; padding:2pt; font-size:10pt; line-height:12pt; font-family:'Calibri'; color:Black; text-align:left">
<span style="color:000000">CAUTION:</span> This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.</div>
<br>
<div>Dear friends,<br>
<br>
HARICA has generated the weak keys (RSA 2048 and 4096 bit lengths) from the vulnerable openssl package. We will generate 3072 bit keys as well and add them soon. The methodology is described in the following GitHub repo along with the produced keys:<br>
<ul>
<li><a class="x_x_x_x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FHARICA-official%2Fdebian-weak-keys&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427638763%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=2LMewzOLNRKgtOoPARP4WDsHJBpwKiVlu8xYOWO4TtI%3D&reserved=0" originalsrc="https://github.com/HARICA-official/debian-weak-keys" shash="gfxEKxtWRSXXWoPVemsQN+jf7WqP6EpbW9yDNb4CU9lGmc84OJbJiRSfxmyq70all++kpAwbht0DzMKWJT4xkMwNwbEln0B+tnrfvpfjXwBgVYnM/t7njrINdubdYU06M3EgI6c+P6+dV8jiTUMQBonT0Yxhlm0meLJT6hRKj9k=">https://github.com/HARICA-official/debian-weak-keys</a></li></ul>
Please review and let us know if you spot any issues or problems with our approach and methodology.<br>
<br>
As always, please use other people's work at your own risk.<br>
<br>
<br>
Dimitris.<br>
<br>
<div class="x_x_x_x_moz-cite-prefix">On 7/1/2021 2:25 μ.μ., Rob Stradling via Servercert-wg wrote:<br>
</div>
<blockquote type="cite">
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
I've used crt.sh to produce a survey of key algorithms/sizes in currently unexpired, publicly-trusted server certificates:</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgist.github.com%2Frobstradling%2Fa5590b6a13218fe561dcb5d5c67932c5&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427638763%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=zyp7rN9Ter7PZFrcoOOJpiD%2FXK4i5ywH76X%2BC5d4Yeo%3D&reserved=0" originalsrc="https://gist.github.com/robstradling/a5590b6a13218fe561dcb5d5c67932c5" shash="JuBXR7c2E6I4+zJCiQyBBJGrr4C1ZHGLzKSJV+sqTkqfvRnvRXUy6qlIp7q/nDjof3swcOdP2QmxXKRwcCyyrgBSbd3nqNItw8+2vJPxVo5qPkhO9ita6GbiySPwSLlUJbucOdysFEw69DCtC3TOVg7R3J3YMHdJRlAFZ79SY7Q=">https://gist.github.com/robstradling/a5590b6a13218fe561dcb5d5c67932c5</a><br>
</div>
<div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
The four most popular choices are no surprise: RSA-2048, P-256, RSA-4096, and P-384. openssl-blacklist covers RSA-2048 and RSA-4096, and ECC keys are implicitly not Debian weak keys.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<span style="color:rgb(0,0,0); font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt">Fifth most popular is RSA-3072, with over 3 million unexpired, publicly-trusted server certs. openssl-blacklist doesn't cover RSA-3072, but ISTM that this is a key
size that CAs will want to permit.</span><br>
</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<span style="color:rgb(0,0,0); font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt"><br>
</span></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
Some of the lesser used key sizes are mostly likely due to Subscriber typos (e.g., 2408 and 3048 were probably intended to be 2048, 4048 was probably intended to be either 2048 or 4096, etc), but some of the other ones look like they were deliberately chosen
(e.g., 2432 is 2048+384). Is it worth generating Debian weak keys/blocklists for any of these key sizes?</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<span style="color:rgb(0,0,0); font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt"><br>
</span></div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<span style="color:rgb(0,0,0); font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt"><a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fnvlpubs.nist.gov%2Fnistpubs%2FSpecialPublications%2FNIST.SP.800-57pt1r5.pdf&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427638763%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=3liYc3twFgYbd%2F6JAQ96%2FDoNMMKUFsPlkMznegF77GM%3D&reserved=0" originalsrc="https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf" shash="FyXlHNGqyi/Gsto1fwJa+YEFkuEjn/M8XbVxBVLr9tHmSNPgt6csb+q+WHbw/OxZd1tsmYuAPJeFqU/fs+L+99e1HulqDB9Cfwze/Ae6N1uvjDeZ9ugiDdsiR5STBmfc9Epj6aTzbtIlwJsbei+wDmd53tpi7dAAEF94tiacz7M=">https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r5.pdf</a> (Table
4, p59) permits RSA-2048 until the end of 2030, whereas </span><a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.sogis.eu%2Fdocuments%2Fcc%2Fcrypto%2FSOGIS-Agreed-Cryptographic-Mechanisms-1.2.pdf&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427648716%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=t8p%2BoIE1SPC8qw1mnFrEeO%2BWHYB%2FVOA3lkU1sef%2ByWU%3D&reserved=0" originalsrc="https://www.sogis.eu/documents/cc/crypto/SOGIS-Agreed-Cryptographic-Mechanisms-1.2.pdf" shash="ATIkuTkcs0q/chXlR4DeF2g0ok8FNxOVftMd2fHMJSYqgZBeNHB2WBCpzlDMGVn/PbarJSf3/bIZ+vYYDVqz1spFBpMR+roGEc/deIp9ojibDhemmzb3jhYoI4qPo5zG+gEeAkun38+UBINrTqWA1o6+Gg7MxY327hQD0ZhbNc0=" style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt">https://www.sogis.eu/documents/cc/crypto/SOGIS-Agreed-Cryptographic-Mechanisms-1.2.pdf</a> permits
RSA-2048 only until the end of 2025. It is of course possible that quantum computing will render RSA obsolete before Subscribers need to think about which larger RSA keysize they want to migrate to; however, it seems prudent to also plan for the possibility
that RSA will survive and that some other RSA keysize(s) might become popular.</div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="x_x_x_x_divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> Servercert-wg
<a class="x_x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg-bounces@cabforum.org">
<servercert-wg-bounces@cabforum.org></a> on behalf of Rob Stradling via Servercert-wg
<a class="x_x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org">
<servercert-wg@cabforum.org></a><br>
<b>Sent:</b> 06 January 2021 16:08<br>
<b>To:</b> Jacob Hoffman-Andrews <a class="x_x_x_x_moz-txt-link-rfc2396E" href="mailto:jsha@letsencrypt.org">
<jsha@letsencrypt.org></a>; Christopher Kemmerer <a class="x_x_x_x_moz-txt-link-rfc2396E" href="mailto:chris@ssl.com">
<chris@ssl.com></a>; CA/B Forum Server Certificate WG Public Discussion List <a class="x_x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org">
<servercert-wg@cabforum.org></a><br>
<b>Subject:</b> Re: [Servercert-wg] SCXX Ballot proposal: Debian Weak keys</font>
<div> </div>
</div>
<div dir="ltr">
<div style="background-color:#FAFA03; width:100%; border-style:solid; border-color:#000000; border-width:1pt; padding:2pt; font-size:10pt; line-height:12pt; font-family:'Calibri'; color:Black; text-align:left">
<span style="color:000000">CAUTION:</span> This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.</div>
<br>
<div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<div style="margin:0px; font-size:12pt">Jacob wrote:</div>
<div style="margin:0px; font-size:12pt">> Lastly, I think we should archive openssl-blacklist, and include in the BRs: "A CA may reject the full set of Debian weak keys by rejecting this superset of the Debian weak keys:</div>
<div style="margin:0px; font-size:12pt">><br>
<div>> - All RSA public keys with modulus lengths other than 2048 or 4096, and</div>
<div>> - All RSA public keys with exponents other than 65537, and</div>
<div><br>
</div>
<div>Hi Jacob. 65537 (aka 0x10001) is hard-coded here...</div>
<div><span style="background-color:rgb(255,255,255); display:inline!important"><br>
</span></div>
<div><span style="background-color:rgb(255,255,255); display:inline!important"><a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fopenssl%2Fopenssl%2Fblob%2FOpenSSL_0_9_8f%2Fapps%2Freq.c%23L768&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427648716%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=4ROhglN%2FjGObdJvEVKvM90IxeO7IhKtPubHTUBzBkhY%3D&reserved=0" originalsrc="https://github.com/openssl/openssl/blob/OpenSSL_0_9_8f/apps/req.c#L768" shash="YNoUUAG3yXwE8nSloVTH6llF2Ny2UvqTijXxWSw4V7XRRyxA6j8D8z0cxlNC4pOk64iKIWKtoxd9HzzY9IepvXO2sOnOBlUXD8sXU7KWxVoSOzt+c88f2NoSs8wwMwwFG+6hSCn+a4hwpMkK8C4FBsLY6hNCTWrHItpdFpUhopQ=">https://github.com/openssl/openssl/blob/OpenSSL_0_9_8f/apps/req.c#L768</a><br>
</span></div>
<div><br>
</div>
<div>Would it therefore be fair to say that keys with public exponents other than 65537 are implicitly
<u>not</u> Debian weak keys?</div>
<div><br>
</div>
> - All RSA public keys that are detected as vulnerable by the openssl-vulnkey program in the openssl-blacklist package version 0.5-3 (see addendum), or an equivalent program."</div>
</div>
<div>
<div style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:12pt; color:rgb(0,0,0)">
<br>
</div>
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="x_x_x_x_x_divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> Servercert-wg
<a class="x_x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg-bounces@cabforum.org">
<servercert-wg-bounces@cabforum.org></a> on behalf of Jacob Hoffman-Andrews via Servercert-wg
<a class="x_x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org">
<servercert-wg@cabforum.org></a><br>
<b>Sent:</b> 12 December 2020 02:21<br>
<b>To:</b> Christopher Kemmerer <a class="x_x_x_x_moz-txt-link-rfc2396E" href="mailto:chris@ssl.com">
<chris@ssl.com></a>; CA/B Forum Server Certificate WG Public Discussion List <a class="x_x_x_x_moz-txt-link-rfc2396E" href="mailto:servercert-wg@cabforum.org">
<servercert-wg@cabforum.org></a><br>
<b>Subject:</b> Re: [Servercert-wg] SCXX Ballot proposal: Debian Weak keys</font>
<div> </div>
</div>
<div>
<div style="background-color:#FAFA03; width:100%; border-style:solid; border-color:#000000; border-width:1pt; padding:2pt; font-size:10pt; line-height:12pt; font-family:'Calibri'; color:Black; text-align:left">
<span style="color:000000">CAUTION:</span> This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.</div>
<br>
<div>
<div dir="ltr">Thanks for your continued efforts to improve this part of the BRs! Let's Encrypt is in theory interested in endorsing, but I think it still needs a bit of work. Thanks for incorporating my most recent comments on endianness and word size vs 11
platforms.<br>
<br>
Goals: We want CAs to consistently not issue certificates for weak keys in general, and also in the specific case of Debian and ROCA keys. We want the definition of Debian and ROCA keys to be clear and actionable for as long as possible - say, at least twenty
years.<br>
<br>
We have three ways to specify Debian and ROCA keys: With a list, with a tool, or with an algorithm*. The original revision of this ballot proposed to use a list (<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fpipermail%2Fservercert-wg%2F2020-April%2F001821.html&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427648716%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=YvYqBm1HlforxiPN1zQbeSUf4AW04sLaYCuEjiLfFzA%3D&reserved=0" originalsrc="https://lists.cabforum.org/pipermail/servercert-wg/2020-April/001821.html" shash="AZXChxEe7L7Uriz+JjF9FbHaBQotKLobWwqav3S5ml6TEWL8R34iE+6sX3/iEILo9Hnhojzca+IvYjvotdeQ7dCyTO3GCbU7NfYgt0XQus/j/W3eu1BliVsuCTBCGu7Y3o919gT4aeU+WN3Fj8UmDpKf5q4eq29sQIlIq0TmJr4=">https://lists.cabforum.org/pipermail/servercert-wg/2020-April/001821.html</a>).
There were two objections:<br>
<br>
- The list (openssl-blacklist) is subject to change or removal.<br>
- The list only covers 2048 and 4096 bit keys.<br>
<br>
The current draft proposes specifying a tool for ROCA (<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcrocs-muni%2Froca&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427658670%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Ybwh7xp1zVuEj8avYqsDHslP2NrZEzoOPOx4bEI4%2B5I%3D&reserved=0" originalsrc="https://github.com/crocs-muni/roca" shash="uYowUAts3PcSd7iXWK6RAjClS6SwfaKj/Er4AhlmV3ZD+l3jQzt+ppfWzJ2aA4rIhaGsUkdq8ajovInHUY5zbR52KoiYtvu73A23wmyhlTIHoNKj72dANG3q/zBty7UwqBR5YjdqLjcfkzX+2iOOFT1Tc33kne6tKNv740bmO8g=">https://github.com/crocs-muni/roca</a>)
and an algorithm for Debian keys.<br>
<br>
The ROCA tool is subject to change or removal, just like the openssl-blacklist package. I propose we instead specify ROCA detection in terms of the paper (<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcrocs.fi.muni.cz%2Fpublic%2Fpapers%2Frsa_ccs17&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427658670%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=6550FZqHPDF6KM3F17d6rKeCfP0Zau%2BGWYwPYal7acY%3D&reserved=0" originalsrc="https://crocs.fi.muni.cz/public/papers/rsa_ccs17" shash="O8NGLs/FjVlItXhJzexXojjO0O+llkrxJIRf9xtgKUOBa9eJcfn7aqHPZXlKMfE36it8tJRzW2m5d349Y8XDD1q0YjSvnmuCK840/JKGXZlYJkwDCBXpkim2z/blAuaQg1GwNIvqziLBIA0NyvxI6xjqBe8GlmG7A838k1DHY6E=">https://crocs.fi.muni.cz/public/papers/rsa_ccs17</a>)
and ask for permission from the authors to archive an unchanging copy as an addendum to the BRs.<br>
<br>
For Debian keys, what looks like an algorithm specification is actually a tool + algorithm specification. The tool is "OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems" (per CVE-2008-01666 -
<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3D2008-0166&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427658670%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=QdZIVGYB%2B3jgtU05nS52CnLACgzSkjXmC%2FonOtuWFa4%3D&reserved=0" originalsrc="https://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0166" shash="oAdhV+ApQ0aqAK/NbjorqR5EeoCkWzOECn6xPUsDFK9tbMq++myyK8BhkKPKRFwyInFQcGqh6sn1ha9Heo8KM0ZGxWGWqAev8+Ncczx5bg5DNFUbsptPERsOhbteZOwVXonwYb+lSNikRcMKTFU8bGk7qpGMvBaNVd7kQYFzz5I=">
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0166</a>). To ensure an unchanging copy of that, we should archive 3 copies of Debian, for the 3 word size + endianness combinations.<br>
<br>
The algorithm also needs an additional line: "v) using the command 'openssl req -nodes -subj / -newkey rsa:<Public Key length>'" (adapted from
<a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsources.debian.org%2Fdata%2Fmain%2Fo%2Fopenssl-blacklist%2F0.5-3%2Fexamples%2Fgen_certs.sh&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427668630%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=%2FmV%2BEdnUMMSfAiJBQfFxfcq98T5WzVgTj%2Bhqjbt7AJY%3D&reserved=0" originalsrc="https://sources.debian.org/data/main/o/openssl-blacklist/0.5-3/examples/gen_certs.sh" shash="cPRUtVb/SlGHTMBUyuetnjDmOeJcU5HzoIPdR5qQ3LYeWp1gyh9noY5zbo33DuXLfqdEsmAl4pzYwL/UfQWb8GCRhHFKonUPNpAx9ukRwVvsZ4LIp2fx05xDCJOQ2aAicpsFfiNznXeOYftg1v2qsH88BDAguVZU52WGU7Q+biU=">
https://sources.debian.org/data/main/o/openssl-blacklist/0.5-3/examples/gen_certs.sh</a>). Other tools that linked OpenSSL, like openvpn and openssh, generated different sets of keys. We can include or exclude openvpn and openssh keys, but should thoroughly
specify.<br>
<br>
Lastly, I think we should archive openssl-blacklist, and include in the BRs: "A CA may reject the full set of Debian weak keys by rejecting this superset of the Debian weak keys:<br>
<br>
- All RSA public keys with modulus lengths other than 2048 or 4096, and<br>
- All RSA public keys with exponents other than 65537, and<br>
- All RSA public keys that are detected as vulnerable by the openssl-vulnkey program in the openssl-blacklist package version 0.5-3 (see addendum), or an equivalent program."<br>
<br>
My reasoning: Given the difficulty of correctly setting up old Debian versions and generating weak keys for sizes that are not part of openssl-blacklist, I expect most CAs will choose this path. Given that, we should just say what we mean: the pregenerated
list is fine if you restrict key sizes, but you don't *have* to restrict key sizes, so long as you have an alternate method to ensure you're not issuing for Debian weak keys at other sizes.<br>
<br>
*I'm considering specifying an algorithm to be functionally equivalent to specifying an "outcome," though I recognize this may be too hand-wavy.<br>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="x_x_x_x_mimeAttachmentHeader"></fieldset>
<pre class="x_x_x_x_moz-quote-pre">_______________________________________________
Servercert-wg mailing list
<a class="x_x_x_x_moz-txt-link-abbreviated" href="mailto:Servercert-wg@cabforum.org">Servercert-wg@cabforum.org</a>
<a class="x_x_x_x_moz-txt-link-freetext" href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.cabforum.org%2Fmailman%2Flistinfo%2Fservercert-wg&data=04%7C01%7Crob%40sectigo.com%7Ca505320417514683604108d962906fbc%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C637649196427668630%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=Z77j7m49%2BG5JpAB2aJbLYXkFx2DHsia00M2%2FIRob%2Bqs%3D&reserved=0" originalsrc="https://lists.cabforum.org/mailman/listinfo/servercert-wg" shash="oTcqr+D90PqZTcb9Kt+qSMEeEN956X+/2pKvJtIc5By7YwxJNCBNzImqTEfLevaT4TgVyz49y811SXHFSAAjve7VCNVgGDVeMfpGL+waynKMqO46e+rO+qOC6888Budn3ZDVOHKLhZy5jE0lDEvk4k6FqFR/0QoXTWkmtqeauD4=">https://lists.cabforum.org/mailman/listinfo/servercert-wg</a>
</pre>
</blockquote>
<br>
</div>
</div>
</div>
</blockquote>
<br>
</div>
</div>
</div>
</blockquote>
</div>
</div>
</div>
</blockquote>
</div>
</div>
</div>
</body>
</html>