[cabfpub] Pre-Ballot 164 - Certificate Serial Number Entropy

Ryan Sleevi sleevi at google.com
Fri Feb 26 23:03:25 UTC 2016


Is there a reason for the change from "entropy" to "unpredictable bits"

Would you be opposed to "64 bits of random data from a cryptographically
strong random number generator"?

The concern I have with the language change is that while "entropy" is
arguably less ambiguous, I fear "unpredictable bits" will create a
situation where a CA says "No one knows our [deterministic] algorithm,
therefore it's unpredictable"

I admit, I'm not terribly thrilled with my rewrite either, because I don't
think it should be required to use an RNG on an HSM, for example (that's
arguably overkill), but I do want to make sure that the source of entropy
is cryptographically strong (thus ruling out Microsoft's GUIDs, crappy
RNGs, etc)

On Fri, Feb 26, 2016 at 1:49 PM, Ben Wilson <ben.wilson at digicert.com> wrote:

> *For discussion:*
>
> *Pre-Ballot 164 - Certificate Serial Number Entropy*
>
> -- Motion Begins --
>
> In Section 7.1 of the Baseline Requirements,
>
> REPLACE
>
> "CAs SHOULD generate non-sequential Certificate serial numbers that
> exhibit at least 20 bits of entropy"
>
> WITH
>
> "Effective April 1, 2016, CAs SHALL use a Certificate serialNumber greater
> than zero (0) that contains at least 64 unpredictable bits."
>
> -- Motion Ends --
>
>
>
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160226/c343c8fa/attachment-0003.html>


More information about the Public mailing list