<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;
font-family:"Calibri",sans-serif;
mso-ligatures:none;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">From my point of view the proposed ballot text requires that a CA must be able to identify all possible (theoretical?) Debian weak keys for all key sizes supported by the CA. In practice this would mean that we will have to limit the supported
key sizes to the those were it’s feasible to identify such keys (e.g. 2048, 4096 bits RSA – as defined in available tools). This is possible, but not optimal for us. If the Debian weak key requirement will be removed or loosened up later, we could revert the
supported key sizes again and this would be confusing for our Subscribers and the market.
<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I would therefore prefer that we decide how we would like the treatment of Debian weak keys (for all key sizes) should be in the future now - before the ballot is finalized. I am in favor of CAs checking for vulnerable keys, but not if
the risk of using such keys is mostly theoretical. <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Regards<o:p></o:p></p>
<p class="MsoNormal">Mads <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Servercert-wg <servercert-wg-bounces@cabforum.org>
<b>On Behalf Of </b>Wayne Thayer via Servercert-wg<br>
<b>Sent:</b> Thursday, July 6, 2023 12:40 AM<br>
<b>To:</b> Clint Wilson <clintw@apple.com>; CA/B Forum Server Certificate WG Public Discussion List <servercert-wg@cabforum.org><br>
<b>Subject:</b> Re: [Servercert-wg] SC-59 Weak Key Guidance v.2 - Discussion Period<o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">On Wed, Jul 5, 2023 at 2:15 PM Clint Wilson via Servercert-wg <<a href="mailto:servercert-wg@cabforum.org">servercert-wg@cabforum.org</a>> wrote:<o:p></o:p></p>
</div>
<div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">I agree with the ballot author(s) and endorsers. This ballot is focused on addressing gaps in the current BRs related to overall weak key guidance (not just Debian weak key checks). The topic of removing the requirement for Debian weak
key checking is separate from what I understand the intent and goal of this ballot to ever have been and should be addressed in its own ballot. <o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal">Is the concern from CAs that the Debian weak key requirements in this ballot are meaningfully different than what they’re doing today, and they’d like to avoid doing that work? If so, can you explain what the difference(s) is and what impact
it’s expected to have for your CA? <o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</div>
</blockquote>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">I don't want to speak for Christophe, but the proposed requirements for checking Debian weak keys are clearly more prescriptive and will at a minimum require any diligent CA to evaluate their implementation to verify compliance. I don't
think it's unreasonable to assume that some CAs will need to make changes to fully comply. Given the debate about the value of this requirement, moving ahead is a suboptimal use of CA resources.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Suggestion: Perhaps the specifics could be removed from the Debian weak keys list item in this ballot and deferred to a future ballot that either completely removes, or adds the desired detail to the requirement?<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Wayne<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"> <o:p></o:p></p>
</div>
<blockquote style="border:none;border-left:solid #CCCCCC 1.0pt;padding:0in 0in 0in 6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
<div>
<div>
<div>
<p class="MsoNormal">FWIW my read of the current situation is that I don’t think there’s consensus to remove Debian weak key checks at this time, but I do think there’s at least rough consensus that it’s a topic worth discussing/pursuing.<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal">Thanks,<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal">-Clint<o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</div>
</div>
</blockquote>
</div>
</div>
</div>
</body>
</html>