[cabfpub] Ballot 111 - Accelerate Max Certificate Lifetime Reduction Timetable

kirk_hall at trendmicro.com
Thu Nov 28 20:53:12 UTC 2013

To further pile-on, Gerv...

Trend Micro only issues one- and two-year certs (no 60-month product offerings), so we have no dog in this fight, but here's our concern with Ballot 111:

1. When we approved the BRs in July 2012, we selected the phase-out date of 1 April 2015 for most 60-month certs.  That seemed adequate from an internet security standpoint.  Has anything changed from a security standpoint in the last 17 months that indicates we should shorten the phase-out date by one year?  Not that I'm aware of.

2. It is entirely possible that presently-unknown difficulties (perhaps SHA2 will break the Foo Algorithm) will push back Microsoft's end date for SHA1 from January 1, 2017 to a later date.  (This kind of thing has happened before.)  That would mean there was no real purpose in aligning the date for phase-out of 60-month certs with the <current> phase-out date for SHA1.

Are there any known security breaches from past-issued 60 month certs (such as someone stealing the private key plus using the cert beyond a 39 month expiration period, someone selling an old server that had a private key plus 60-month cert on it, change of corporate identity during a five-year period that rendered a properly-issued 60-month cert inaccurate, but the cert was still used, etc.)?  Or is the concern more theoretical?

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Robin Alden
Sent: Thursday, November 28, 2013 2:53 AM
To: 'Bruce Morton'; ben at digicert.com; gerv at mozilla.org; CABFPub
Subject: Re: [cabfpub] Ballot 111 - Accelerate Max Certificate Lifetime Reduction Timetable

I also believe that this ballot is somewhat hasty.

The deployment time is short.

The proposed dates do not line up.  01-Apr-2014 + 39 months <> 01-Jan-2017.

If the de facto deprecation exists then there is no motivation to rush to make it de jure.

As Bruce mentions, the ballot does not address SHA-1/SHA-2.

I apologize I wasn't on the last CABF call, or I would have said at least some of this then.


From: questions-bounces at cabforum.org [mailto:questions-bounces at cabforum.org] On Behalf Of Bruce Morton
Sent: 27 November 2013 20:28
To: ben at digicert.com; Gervase Markham (gerv at mozilla.org); questions at cabforum.org
Subject: Re: [cabfquest] [cabfpub] Ballot 111 - Accelerate Max Certificate Lifetime Reduction Timetable

I would like to provide a response to the ballot. As the ballot currently is written, if Entrust was able to vote, we would vote No.

First, we believe the timing of the ballot doesn't give CAs and Subscribers enough lead time.

- If the ballot is approved, it will only give the CAs a little over 3 months to deploy. Why construct a ballot that will either have non-compliant CAs or have CAs change release cycles to address a non-security change?

- As well as technical changes, other items need to be addressed such as licensing agreements, technical notes, marketing pages, etc.

Second, although the ballot states it wants to take advantage of the /de facto/ deprecation of SHA-1, it does not address SHA-1:

- Per Appendix A, SHA-1 is still allowed to be issued with no wind-down period.

- Changing from 60 months to 39 months, one year earlier, still allows CAs to issue 39-month SHA-1 signed certificates ... forever.

- Why does the ballot state /de facto/ deprecation, when only one browser has a policy to deprecate SHA-1?

Regardless of the ballot, the CAs will need to take action to support the Microsoft SHA-1 policy and to minimize Subscriber issues in 2017. CAs should consider:

- Changing the signing default from SHA-1 to SHA-2.

- Limiting the validity period of SHA-1 signed certificates to 31 December 2016.

- On 1 Jan 2016, stop signing certificates with SHA-1.

What should the CAB Forum do?

- Evaluate the Microsoft Policy and update certificate signing requirements in the Baseline Requirements.

- Leave the validity period deprecation alone, as it does not address SHA-1 signing.

If replying to this email, please send responses to the public list.

Thanks for allowing me to provide input.

All the best, Bruce.

From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On Behalf Of Ben Wilson
Sent: Tuesday, November 26, 2013 12:53 PM
To: public at cabforum.org
Subject: [cabfpub] Ballot 111 - Accelerate Max Certificate Lifetime Reduction Timetable

Ballot 111 - Accelerate Max Certificate Lifetime Reduction Timetable

Gervase Markham (Mozilla) made the following motion, endorsed by Eddy Nigg from StartCom and Ryan Hurst from Globalsign:

--- Motion begins ---

The CAB Forum wishes to take advantage of the /de facto/ deprecation of the near-ubiquitous SHA-1 hash algorithm in the Web PKI and its 1 January 2017 retirement by accelerating the Forum's planned move to shorter maximum certificate lifetimes, in order to attain a more agile certificate ecosystem.

Therefore, effective immediately, the Baseline Requirements are altered as follows:

Update section 9.4.1 to change both occurrences of "1 April 2015" to "1 April 2014".

Update the Relevant Compliance Dates table on page ii to change 2015-04-01 to 2014-04-01 in the appropriate line.

... Motion ends ...

The ballot review period comes into effect immediately upon posting today (Tuesday, 26 November 2013) and will close at 2200 UTC on Tuesday, 5 December 2013.  Unless the ballot is withdrawn or modified during the review period, the voting period will start immediately thereafter and will close at 2200 UTC on Tuesday, 12 December 2013.  If the ballot is modified during such voting period for reasons other than to correct minor typographical errors, then the ballot will be deemed to have been withdrawn.

Votes must be cast by posting an on-list reply to this thread.

A vote in favor of the ballot must indicate a clear 'yes' in the response.

A vote against the ballot must indicate a clear 'no' in the response.  A vote to abstain must indicate a clear 'abstain' in the response. Unclear responses will not be counted.  The latest vote received from any representative of a voting member before the close of the voting period will be counted.

Voting members are listed here: http://www.cabforum.org/forum.html

In order for the motion to be adopted, two thirds or more of the votes cast by members in the CA category and more than one half of the votes cast by members in the browser category must be in favor. Also, quorum is currently set at 6 members: at least 6 members must participate in the ballot, either by voting in favor, voting against, or by abstaining, for the vote to be valid.
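The thread turns on two technical constraints: the Baseline Requirements' maximum validity period (60 months, dropping to 39 months after the cut-over date in section 9.4.1) and the SHA-1 sunset dates Bruce suggests CAs adopt (no SHA-1 certificate valid past 31 December 2016; no SHA-1 signing from 1 January 2016). The following is an added example, not code from the thread, the CAB Forum or any CA: a small stdlib-only policy checker over a constructed certificate record. The `CertInfo` record, the function names and the sample certificates are all assumptions made for illustration; the checker also reproduces Robin's arithmetic (1 April 2014 plus 39 months is 1 July 2017, not 1 January 2017), which is why a 39-month SHA-1 certificate issued on the ballot's cut-over date still trips the SHA-1 check.

```python
"""Added example (not from the ballot thread): a policy checker for the
constraints the thread discusses -- maximum certificate validity (60 vs 39
months, BR 9.4.1 cut-over date) and the SHA-1 sunset dates Bruce suggests.
The CertInfo record, function names and sample data are constructed for
illustration and are not CAB Forum or any CA's code."""
from dataclasses import dataclass
from datetime import date

# Dates taken from the thread. The default cut-over is the BR date as it stood
# (1 April 2015); Ballot 111 would move it to 1 April 2014.
BALLOT_111_CUTOVER = date(2014, 4, 1)
CURRENT_BR_CUTOVER = date(2015, 4, 1)
SHA1_LAST_NOTAFTER = date(2016, 12, 31)  # Bruce: limit SHA-1 validity to 31 Dec 2016
SHA1_STOP_SIGNING = date(2016, 1, 1)     # Bruce: stop signing with SHA-1 on 1 Jan 2016
SHA1_ALGS = {"sha1WithRSAEncryption", "ecdsa-with-SHA1"}


def add_months(d: date, months: int) -> date:
    """Add whole months to a date, keeping the day-of-month.
    Day 1 is all this example needs, so month-end clamping is not handled."""
    m0 = d.month - 1 + months
    return date(d.year + m0 // 12, m0 % 12 + 1, d.day)


def lifetime_end(issue: date, months: int) -> date:
    """Latest notAfter for a certificate issued on `issue` under a `months` cap."""
    return add_months(issue, months)


@dataclass
class CertInfo:
    """Constructed stand-in for the few certificate fields the checks need."""
    subject: str
    sig_alg: str
    not_before: date
    not_after: date


def check_cert(c: CertInfo, cutover: date = CURRENT_BR_CUTOVER) -> list:
    """Return policy findings for one certificate (empty list = no issue).

    Assumption: validity is measured from notBefore, and the 39-month cap
    applies to certificates issued on or after `cutover`; earlier issuance
    falls under the 60-month cap."""
    findings = []
    max_months = 39 if c.not_before >= cutover else 60
    if c.not_after > lifetime_end(c.not_before, max_months):
        findings.append(f"validity exceeds {max_months} months")
    if c.sig_alg in SHA1_ALGS:
        if c.not_after > SHA1_LAST_NOTAFTER:
            findings.append("SHA-1 signed certificate valid past 31 Dec 2016")
        if c.not_before >= SHA1_STOP_SIGNING:
            findings.append("SHA-1 signature on certificate issued on/after 1 Jan 2016")
    return findings


# Constructed sample certificates (not real issuances).
SAMPLES = [
    CertInfo("ok-2yr-sha2", "sha256WithRSAEncryption", date(2014, 6, 1), date(2016, 6, 1)),
    CertInfo("60mo-after-cutover", "sha256WithRSAEncryption", date(2015, 5, 1), date(2020, 5, 1)),
    # A 39-month SHA-1 cert issued on the ballot's cut-over date: its notAfter
    # (1 July 2017) is past the SHA-1 retirement date, which is Robin's point.
    CertInfo("39mo-sha1-2017", "sha1WithRSAEncryption", date(2014, 4, 1), date(2017, 7, 1)),
]


def run_samples(cutover: date = CURRENT_BR_CUTOVER) -> dict:
    """Check every sample against a given cut-over date; returns {subject: findings}."""
    return {c.subject: check_cert(c, cutover) for c in SAMPLES}


if __name__ == "__main__":
    print("2014-04-01 + 39 months =", lifetime_end(BALLOT_111_CUTOVER, 39))
    for label, cutover in (("current BR", CURRENT_BR_CUTOVER), ("Ballot 111", BALLOT_111_CUTOVER)):
        print(f"--- cut-over: {label} ({cutover}) ---")
        for name, found in run_samples(cutover).items():
            print(f"{name}: {found or 'no findings'}")
```

Running it with both cut-over dates shows the gap Bruce and Robin describe: moving the cut-over to 2014 changes nothing about the SHA-1 findings, because the 39-month cap alone still permits SHA-1 certificates that outlive 31 December 2016.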
