<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
p.elementtoproof, li.elementtoproof, div.elementtoproof
{mso-style-name:elementtoproof;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.contentpasted2
{mso-style-name:contentpasted2;}
span.EmailStyle22
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:70.85pt 85.05pt 70.85pt 85.05pt;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1361320111;
mso-list-template-ids:1939887548;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1
{mso-list-id:1846750795;
mso-list-template-ids:2128524026;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">I disagree that 1 and 2 are redundant.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The second demands a proven, demonstrable method of key recovery. This is not always available for the more theoretical key generation flaws that fall under 1.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">For example, an implementation flaw that reduces the effective size of a RSA-2048 bit key to RSA-1900 or so is obviously a flaw, but demonstrating key recovery would be … challenging.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">-Tim<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in 0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Servercert-wg <servercert-wg-bounces@cabforum.org>
<b>On Behalf Of </b>Inigo Barreira via Servercert-wg<br>
<b>Sent:</b> Thursday, March 16, 2023 12:11 PM<br>
<b>To:</b> CA/B Forum Server Certificate WG Public Discussion List <servercert-wg@cabforum.org><br>
<b>Subject:</b> [Servercert-wg] RV: Redline for SC-59: Weak keys ballot<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span lang="EN-GB">Forwarding it to the Sever Certificate WG<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-GB"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span lang="ES">De:</span></b><span lang="ES"> Smcwg-public <<a href="mailto:smcwg-public-bounces@cabforum.org">smcwg-public-bounces@cabforum.org</a>>
<b>En nombre de </b>Chris Kemmerer via Smcwg-public<br>
<b>Enviado el:</b> jueves, 16 de marzo de 2023 15:46<br>
<b>Para:</b> <a href="mailto:smcwg-public@cabforum.org">smcwg-public@cabforum.org</a><br>
<b>Asunto:</b> [Smcwg-public] Redline for SC-59: Weak keys ballot<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><span lang="ES"><o:p> </o:p></span></p>
<div style="border:solid black 1.0pt;padding:2.0pt 2.0pt 2.0pt 2.0pt">
<p class="MsoNormal" style="line-height:12.0pt;background:#FAFA03"><span lang="ES" style="font-size:10.0pt;color:black">CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and
know the content is safe.<o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span lang="ES"><o:p> </o:p></span></p>
<div>
<div>
<p class="MsoNormal" style="background:white"><span lang="ES" style="font-size:12.0pt;color:black">Hello,<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span lang="ES" style="font-size:12.0pt;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span lang="ES" style="font-size:12.0pt;color:black">A diff for our proposed changes may be found here: <a href="https://url.avanan.click/v2/___https:/nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fservercert%2Fcompare%2F2c63814...9ecc201%3Fdiff%3Dsplit&data=05%7C01%7Cinigo.barreira%40sectigo.com%7C9d27ee5b4bb7400b1fa908db262d2483%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638145747577702166%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=FaXtQOTrKeZMl523hWU9ts32%2B05OaGiT8S%2BdJzsczq4%3D&reserved=0___.YXAzOmRpZ2ljZXJ0OmE6bzpmMmUyNTYxYThmMDRmNWU3OTZlZWJhOTUzZGExNTU0MTo2OjkyNTA6NzIxNzQ3NjRmZDllYjc2YmVkMDM2NDI4MjIxY2YxODMyYmNjMzFmODI4MmNhYjQ2ODk2ZTUyOTI5ZTQzYTRiNjpoOkY" title="Protected by Avanan: https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fservercert%2Fcompare%2F2c63814...9ecc201%3Fdiff%3Dsplit&data=05%7C01%7Cinigo.barreira%40sectigo.com%7C9d27ee5b4bb7400b1fa908db262d2483%7C0e9c489">https://github.com/cabforum/servercert/compare/2c63814...9ecc201?diff=split</a><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt;background:white"><span lang="ES" style="font-size:12.0pt;color:black"><br>
This compares the current BR branch (2c63814) with our latest updates. Ben Wilson and Martijn Katerbarg have offered extremely useful suggestions, some of which we have accommodated and others we offer for discussion. Specifically, in 6.1.1.3:<o:p></o:p></span></p>
</div>
<div>
<ul type="disc">
<li class="elementtoproof" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="contentpasted2"><span lang="ES" style="font-size:12.0pt">Our version removes the provision "2. There is clear evidence that the specific method used to generate the Private Key was flawed" as we believe that this case is essentially the same as
the next one (i.e. "clear evidence" of a flawed method must lead to awareness of the "demonstrated or proven method")</span></span><span lang="ES" style="font-size:12.0pt"><o:p></o:p></span></li><li class="elementtoproof" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="contentpasted2"><span lang="ES" style="font-size:12.0pt">The four items 4 (b) (i though iv) are inclusive (i.e all parameters combined) and are now joined by an "and"</span></span><span lang="ES" style="font-size:12.0pt"><o:p></o:p></span></li><li class="elementtoproof" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="contentpasted2"><span lang="ES" style="font-size:12.0pt">As this ballot covers various weak key issues, "Debian" has been removed where not specifically required</span></span><span lang="ES" style="font-size:12.0pt"><o:p></o:p></span></li><li class="elementtoproof" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="contentpasted2"><span lang="ES" style="font-size:12.0pt">The directive that "CAs MUST check for Debian weak keys for all RSA modulus lengths and exponents that they accept" was added via discussion in our SCWG calls and in our view reinforces and
extends the provision in 4(b). It should be decided if there will be a cutoff point or not. If a CA wants to support 16384-bit RSA keys, do they have to generate first all Debian weak keys of that size or could it be assumed that such Debian weak keys are
not expected to have been generated before?</span></span><span lang="ES" style="font-size:12.0pt"><o:p></o:p></span></li><li class="elementtoproof" style="color:black;mso-list:l0 level1 lfo3;background:white">
<span class="contentpasted2"><span lang="ES" style="font-size:12.0pt">We had included links to specific tools but now see that these (and more!) may be found at
<a href="https://url.avanan.click/v2/___https:/cabforum.org/resources/tools/___.YXAzOmRpZ2ljZXJ0OmE6bzpmMmUyNTYxYThmMDRmNWU3OTZlZWJhOTUzZGExNTU0MTo2OjgwOWY6NTQ3NWJjNGNmMDRhZWE3ODdmMDRhZWIxMjJjOWViMTNlYTE1ZjA1MTAxNDYwOTdmNDRmNTUzNjhjOWY4ZWUyNDpoOkY" title="Protected by Avanan: https://cabforum.org/resources/tools/">
https://cabforum.org/resources/tools/</a> under "Check for Bad Private Keys". We have edited the section to direct to this resource.</span></span><span lang="ES" style="font-size:12.0pt"><o:p></o:p></span></li></ul>
<div>
<p class="MsoNormal" style="background:white"><span class="contentpasted2"><span lang="ES" style="font-size:12.0pt;color:black">Regards,</span></span><span lang="ES" style="font-size:12.0pt;color:black"><br>
<br>
<span class="contentpasted2">Chris K</span><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span lang="ES" style="font-size:12.0pt;color:black"><o:p> </o:p></span></p>
</div>
</div>
<div>
<p class="MsoNormal" style="background:white"><span lang="ES" style="font-size:12.0pt;color:black"><o:p> </o:p></span></p>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span lang="ES" style="font-size:12.0pt;color:black"><o:p> </o:p></span></p>
</div>
</div>
<div>
<p class="MsoNormal" style="background:white"><span lang="ES" style="font-size:12.0pt;color:black"><o:p> </o:p></span></p>
</div>
</div>
</div>
</div>
</body>
</html>