[cabfpub] Serial Number Entropy

Ben Wilson ben.wilson at digicert.com
Mon Aug 11 11:53:55 MST 2014

The purpose of this email is just to place a reminder for us or get the conversation going if anyone wants to discuss this suggestion from a call I was on today -

Could the CA/B Forum (and Browser root programs) revise/update its response to the 2008 Sotirov MD5 pre-image attack?

The commenter's point was that today there are other ways to reduce the risk of this pre-image attack in addition to 20-bit entropy in serial numbers (which we specify in the Baseline Requirements for SSL and the Code Signing draft).  Those include-  variable issuance/expiration times (e.g. minutes, seconds, etc.) and better hash algorithms (not SHA1).

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20140811/9882afea/attachment.html 

More information about the Public mailing list