<div dir="ltr"><div>Without getting to the meat of the ballot, three minor editorial comments:</div><div>- the phrase "[based] on the Public Key in the Certificate" should not be removed from 4.9.1.1(4). If there is a method which can compute the private key based on other data, unassociated with the certificate itself, that's simply a Key Compromise. If the authors strongly believe that this phrase should be dropped, then the word "based" must also be removed.</div><div>- It's unclear to me why the phrase "conditions are met" is replaced with "occurs", when the following items are not active verb phrases. One would not say that "the Key Pair does not meet the requirements set forth in..." is something that <i>occurs</i>, it is something that is always statically true or false, i.e. it is a condition that is met.</div><div>- The sentence beginning "Suggested tools..." should be part of numbered item 6.1.1.3(4), not a separate paragraph at the top level of section 6.1.1.3</div><div><br></div><div>Aaron</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Mar 16, 2023 at 9:11 AM Inigo Barreira via Servercert-wg <<a href="mailto:servercert-wg@cabforum.org">servercert-wg@cabforum.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div class="msg1288444365432019302"><div lang="ES" style="overflow-wrap: break-word;"><div class="m_1288444365432019302WordSection1"><p class="MsoNormal"><span lang="EN-GB">Forwarding it to the Sever Certificate WG<u></u><u></u></span></p><p class="MsoNormal"><span lang="EN-GB"><u></u> <u></u></span></p><div><div style="border-right:none;border-bottom:none;border-left:none;border-top:1pt solid rgb(225,225,225);padding:3pt 0cm 0cm"><p class="MsoNormal"><b>De:</b> Smcwg-public <<a href="mailto:smcwg-public-bounces@cabforum.org" target="_blank">smcwg-public-bounces@cabforum.org</a>> <b>En nombre de </b>Chris Kemmerer via Smcwg-public<br><b>Enviado el:</b> jueves, 16 de marzo de 2023 15:46<br><b>Para:</b> <a href="mailto:smcwg-public@cabforum.org" target="_blank">smcwg-public@cabforum.org</a><br><b>Asunto:</b> [Smcwg-public] Redline for SC-59: Weak keys ballot<u></u><u></u></p></div></div><p class="MsoNormal"><u></u> <u></u></p><div style="border:1pt solid black;padding:2pt"><p class="MsoNormal" style="line-height:12pt;background:rgb(250,250,3)"><span style="font-size:10pt;color:black">CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.<u></u><u></u></span></p></div><p class="MsoNormal"><u></u> <u></u></p><div><div><p class="MsoNormal" style="background:white"><span style="font-size:12pt;color:black">Hello,<u></u><u></u></span></p></div><div><p class="MsoNormal" style="background:white"><span style="font-size:12pt;color:black"><u></u> <u></u></span></p></div><div><p class="MsoNormal" style="background:white"><span style="font-size:12pt;color:black">A diff for our proposed changes may be found here: <a href="https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fcabforum%2Fservercert%2Fcompare%2F2c63814...9ecc201%3Fdiff%3Dsplit&data=05%7C01%7Cinigo.barreira%40sectigo.com%7C9d27ee5b4bb7400b1fa908db262d2483%7C0e9c48946caa465d96604b6968b49fb7%7C0%7C0%7C638145747577702166%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=FaXtQOTrKeZMl523hWU9ts32%2B05OaGiT8S%2BdJzsczq4%3D&reserved=0" target="_blank">https://github.com/cabforum/servercert/compare/2c63814...9ecc201?diff=split</a><u></u><u></u></span></p></div><div><p class="MsoNormal" style="margin-bottom:12pt;background:white"><span style="font-size:12pt;color:black"><br>This compares the current BR branch (2c63814) with our latest updates. Ben Wilson and Martijn Katerbarg have offered extremely useful suggestions, some of which we have accommodated and others we offer for discussion. Specifically, in <a href="http://6.1.1.3" target="_blank">6.1.1.3</a>:<u></u><u></u></span></p></div><div><ul type="disc"><li class="m_1288444365432019302elementtoproof" style="color:black;background:white"><span class="m_1288444365432019302contentpasted2"><span style="font-size:12pt">Our version removes the provision "2. There is clear evidence that the specific method used to generate the Private Key was flawed" as we believe that this case is essentially the same as the next one (i.e. "clear evidence" of a flawed method must lead to awareness of the "demonstrated or proven method")</span></span><span style="font-size:12pt"><u></u><u></u></span></li><li class="m_1288444365432019302elementtoproof" style="color:black;background:white"><span class="m_1288444365432019302contentpasted2"><span style="font-size:12pt">The four items 4 (b) (i though iv) are inclusive (i.e all parameters combined) and are now joined by an "and"</span></span><span style="font-size:12pt"><u></u><u></u></span></li><li class="m_1288444365432019302elementtoproof" style="color:black;background:white"><span class="m_1288444365432019302contentpasted2"><span style="font-size:12pt">As this ballot covers various weak key issues, "Debian" has been removed where not specifically required</span></span><span style="font-size:12pt"><u></u><u></u></span></li><li class="m_1288444365432019302elementtoproof" style="color:black;background:white"><span class="m_1288444365432019302contentpasted2"><span style="font-size:12pt">The directive that "CAs MUST check for Debian weak keys for all RSA modulus lengths and exponents that they accept" was added via discussion in our SCWG calls and in our view reinforces and extends the provision in 4(b). It should be decided if there will be a cutoff point or not. If a CA wants to support 16384-bit RSA keys, do they have to generate first all Debian weak keys of that size or could it be assumed that such Debian weak keys are not expected to have been generated before?</span></span><span style="font-size:12pt"><u></u><u></u></span></li><li class="m_1288444365432019302elementtoproof" style="color:black;background:white"><span class="m_1288444365432019302contentpasted2"><span style="font-size:12pt">We had included links to specific tools but now see that these (and more!) may be found at <a href="https://cabforum.org/resources/tools/" target="_blank">https://cabforum.org/resources/tools/</a> under "Check for Bad Private Keys". We have edited the section to direct to this resource.</span></span><span style="font-size:12pt"><u></u><u></u></span></li></ul><div><p class="MsoNormal" style="background:white"><span class="m_1288444365432019302contentpasted2"><span style="font-size:12pt;color:black">Regards,</span></span><span style="font-size:12pt;color:black"><br><br><span class="m_1288444365432019302contentpasted2">Chris K</span><u></u><u></u></span></p></div><div><p class="MsoNormal" style="background:white"><span style="font-size:12pt;color:black"><u></u> <u></u></span></p></div></div><div><p class="MsoNormal" style="background:white"><span style="font-size:12pt;color:black"><u></u> <u></u></span></p></div><div><div><p class="MsoNormal" style="background:white"><span style="font-size:12pt;color:black"><u></u> <u></u></span></p></div></div><div><p class="MsoNormal" style="background:white"><span style="font-size:12pt;color:black"><u></u> <u></u></span></p></div></div></div></div>_______________________________________________<br>
Servercert-wg mailing list<br>
<a href="mailto:Servercert-wg@cabforum.org" target="_blank">Servercert-wg@cabforum.org</a><br>
<a href="https://lists.cabforum.org/mailman/listinfo/servercert-wg" rel="noreferrer" target="_blank">https://lists.cabforum.org/mailman/listinfo/servercert-wg</a><br>
</div></blockquote></div>