[cabfpub] Ballot 152 - Issuance of SHA-1 certificates through 2016

Rick Andrews Rick_Andrews at symantec.com
Mon Oct 12 18:19:38 UTC 2015


Symantec and the endorsers withdraw this ballot.



From: public-bounces at cabforum.org [mailto:public-bounces at cabforum.org] On
Behalf Of Rick Andrews
Sent: Friday, October 02, 2015 10:45 AM
To: public at cabforum.org
Subject: [cabfpub] Ballot 152 - Issuance of SHA-1 certificates through 2016



Ballot 152 - Issuance of SHA-1 certificates through 2016

The following motion has been proposed by Rick Andrews of Symantec and
endorsed by Bruce Morton of Entrust, Jody Cloutier of Microsoft, and Kirk
Hall of Trend Micro.



-- MOTION BEGINS -



1)      Modify section 7.1.3 of Baseline Requirements as follows:

The purpose of the ballot is to allow the issuance of SHA-1 certificates
through 2016, with maximum Expiry Date of 31 December 2016. Although the
vast majority of customers have been able or will be able to transition to
SHA-2 certificates by the issuance termination date of 31 December 2015, a
very small number of very large enterprise customers have disclosed to us
that they simply cannot complete this work before the issuance deadline.
This is attributed to the sheer volume of certificates that they need to
migrate (numbering in the thousands), and their end-of-year blackout period.
These customers accept the risk of continuing to use new SHA-1 certificates,
and assert that if they can continue to enroll for and receive SHA-1
certificates through 2016 (all with an expiration date of 31 December 2016
or earlier), they will be able to complete the transition by the end of
2016.



We realize that extending the issuance period will extend the collision
attack period. Although we feel that the BRs already mandate enough entropy
(typically in the certificate serial number) to guard against that attack,
it can be further mitigated by limiting SHA-1 certificate issuance to
Subordinate CAs that have a basicConstraints pathLength = 0.



The intent of the ballot is to allow limited issuance of SHA-1 certificates
through 2016, as long as any SHA-1 certificate created in 2016 expires by
the end of 2016. We also correct the number of the Section number in the
body of the Section (which incorrectly references “Section 9.4.2” - that
mistake was probably made in the conversion to RFC 3647 format).



BR 1.3.0 currently reads:

“7.1.3. Algorithm Object Identifiers

Effective 1 January 2016, CAs MUST NOT issue any new Subscriber certificates
or Subordinate CA certificates using the SHA‐1 hash algorithm. CAs MAY
continue to sign certificates to verify OCSP responses using SHA1 until 1
January 2017. This Section 9.4.2 does not apply to Root CA or CA cross
certificates. CAs MAY continue to use their existing SHA‐1 Root
Certificates. SHA‐2 Subscriber certificates SHOULD NOT chain up to a SHA‐1
Subordinate CA Certificate.”



“Effective 16 January 2015, CAs SHOULD NOT issue Subscriber Certificates
utilizing the SHA‐1 algorithm with an Expiry Date greater than 1 January
2017 because Application Software Providers are in the process of
deprecating and/or removing the SHA‐1 algorithm from their software, and
they have communicated that CAs and Subscribers using such certificates do
so at their own risk.”



Modify section 7.1.3 of Baseline Requirements as follows: (see attached Word
or PDF files to more clearly view the proposed changes):



“7.1.3. Algorithm Object Identifiers

Effective 1 January 2016, CAs MUST NOT issue any new Subordinate CA
certificates using the SHA‐1 hash algorithm. Effective 1 January 2017, CAs
MUST NOT issue any new Subscriber certificates using the SHA‐1 hash
algorithm. CAs MAY continue to sign certificates to verify OCSP responses
using SHA1 until 1 January 2017. This Section 7.1.3 does not apply to Root
CA or CA cross certificates. CAs MAY continue to use their existing SHA‐1
Root Certificates. SHA‐2 Subscriber certificates SHOULD NOT chain up to a
SHA‐1 Subordinate CA Certificate.



Effective 16 January 2015, CAs SHOULD NOT issue Subscriber Certificates
utilizing the SHA‐1 algorithm with an Expiry Date greater than 1 January
2017 because Application Software Providers are in the process of
deprecating and/or removing the SHA‐1 algorithm from their software, and
they have communicated that CAs and Subscribers using such certificates do
so at their own risk.



Effective 1 January 2016, CAs MUST NOT issue Subscriber Certificates
utilizing the SHA‐1 algorithm with an Expiry Date greater than 1 January
2017. Any SHA-1 Subscriber Certificates issued after 1 January 2016 must be
signed by a Subordinate CA certificate with a basicConstraints pathLen=0.”

-- MOTION ENDS -



The review period for this ballot shall commence at 2200 UTC on Monday,
October 5, 2015, and will close at 2200 UTC on Monday, October 12, 2015.
Unless the motion is withdrawn during the review period, the voting period
will start immediately thereafter and will close at 2200 UTC on Monday,
October 19, 2015. Votes must be cast by posting an on-list reply to this
thread.

A vote in favor of the motion must indicate a clear 'yes' in the response. A
vote against must indicate a clear 'no' in the response. A vote to abstain
must indicate a clear 'abstain' in the response. Unclear responses will not
be counted. The latest vote received from any representative of a voting
member before the close of the voting period will be counted. Voting members
are listed here:  <https://cabforum.org/members/>
https://cabforum.org/members/



In order for the motion to be adopted, two thirds or more of the votes cast
by members in the CA category and greater than 50% of the votes cast by
members in the browser category must be in favor. Quorum is currently nine
(9) members- at least nine members must participate in the ballot, either by
voting in favor, voting against, or abstaining.

-Rick

<<...>> <<...>>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20151012/ed0f4d6b/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5749 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20151012/ed0f4d6b/attachment-0001.p7s>


More information about the Public mailing list