[cabfpub] Proposal of a SHA-1 exception procedure

Dean Coclin Dean_Coclin at symantec.com
Mon Jun 20 16:02:15 UTC 2016

Eric- I get that. Lessons learned is a great tool for future deprecations. But what I think the processor industry doesn’t understand is how the particular name of the applicant helps toward that end. What difference does it make if the applicant name is Chase, TSYS, Worldpay, or Blueswipe?  It seems the valuable answers to help future deprecations are those to questions 3-8 (i.e. what steps have been taken, impact, expected transition time, awareness, etc). How does the specific entity name address your goal?



From: Eric Mill [mailto:eric at konklone.com] 
Sent: Saturday, June 18, 2016 11:25 AM
To: Dean Coclin <Dean_Coclin at symantec.com>
Cc: Ryan Sleevi <sleevi at google.com>; CABFPub <public at cabforum.org>
Subject: Re: [cabfpub] Proposal of a SHA-1 exception procedure


On Fri, Jun 17, 2016 at 6:35 PM, Dean Coclin <Dean_Coclin at symantec.com <mailto:Dean_Coclin at symantec.com> > wrote: 


>>I think this is the crux of the issue which will require dissecting this sentence. First, “That includes the necessary disclosures and information so that we can gather information necessary to avoid such situations in the future”: This is great and  I don’t think anyone has an issue with gathering this information so the CA/B Forum and root store operators can avoid future issues. The second part, “while having the necessary transparency for us effectively accepting, on behalf of the Internet trust ecosystem, the security risks” focuses on the security risks which I thought were ameliorated by the cryptanalysis. Is this not true?


The cryptanalysis ameliorates risks associated with the basic technical weaknesses that prompted the SHA-1 deprecation. It doesn't speak to any risks associated with how long it has taken the ecosystem to migrate away from SHA-1.


Those risks are just as real, especially since continued issuance of SHA-1 signatures by any one actor creates risk for all actors. And they'll be just as real when it's time to deprecate SHA-2, or to deal with practical quantum computing. To the extent the SHA-1 deprecation is a dry run for future migrations, the cryptanalysis is less important than the business analysis -- an analysis the entire community needs access to.


-- Eric

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160620/a52f9e87/attachment-0003.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5723 bytes
Desc: not available
URL: <http://lists.cabforum.org/pipermail/public/attachments/20160620/a52f9e87/attachment-0001.p7s>

More information about the Public mailing list