[cabfpub] Pre-Ballot 164 - Certificate Serial Number Entropy
Fotis Loukos
fotisl at it.auth.gr
Tue May 3 13:16:17 UTC 2016
On 04/28/2016 11:53 PM, Jacob Hoffman-Andrews wrote:
> On Fri, Apr 22, 2016 at 9:01 AM, Tim Hollebeek <THollebeek at trustwave.com> wrote:
>
> This is why I proposed and continue to support an actual
> definition. If people don’t like my definition, I’m open to
> improvements. I don’t think it should be too hard to come up with
> one that excludes the four examples Doug mentioned, and I think mine
> currently does.
>
>
> I think we're unlikely to conclusively define entropy in a way that
> auditors can reasonably measure. What we want to do here is rule out
> solutions that are obviously wrong. How about this:
>
> "CAs SHALL use a Certificate serialNumber greater than zero (0)
> containing at least 64 bits of output from a CSPRNG"
>
> "CSPRNG: A random number generator intended for use in cryptographic system"

Wouldn't this prohibit the usage of a true RNG, such as a Geiger-Muller
tube detecting radioactive decay, measurement of cosmic background
radiation or any quantum phenomena? I know that these RNGs aren't that
popular, but why limit them?

Fotis

>
> This rules out things like GUID, which are easy to verify as not
> intended for use in a cryptographic system
> <https://blogs.msdn.microsoft.com/oldnewthing/20120523-00/?p=7553>,
> without creating a cryptanalytic test for whether something qualifies as
> a CSPRNG.
>
> That said, I still think it would be sufficient to continue to use
> "entropy" without further definition, and if we can't settle on a good
> definition soon, we should proceed with that approach.
>
>
>
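
An added example, not part of the original thread: one way to build a serialNumber that is greater than zero and still carries a full 64 bits of CSPRNG output, as the wording quoted above requires, next to a sign-bit-masking approach that silently drops one bit. The function names and the fixed `0x01` prefix octet are assumptions made for illustration, not anything proposed in the ballot.

```python
import secrets

RANDOM_OCTETS = 8  # 64 bits, the minimum in the quoted ballot wording


def der_integer_content(value: int) -> bytes:
    """Content octets of a non-negative DER INTEGER (minimal length)."""
    if value < 0:
        raise ValueError("serialNumber must not be negative")
    # One extra bit of room keeps the two's-complement sign bit clear.
    return value.to_bytes(value.bit_length() // 8 + 1, "big")


def new_serial(rand_bytes=secrets.token_bytes) -> int:
    """Fixed non-zero prefix octet followed by 64 bits of CSPRNG output.

    The prefix makes the value positive and non-zero without touching
    any of the random bits. (Hypothetical helper, illustration only.)
    """
    return int.from_bytes(b"\x01" + rand_bytes(RANDOM_OCTETS), "big")


def masked_serial(rand_bytes=secrets.token_bytes) -> int:
    """Weak variant: 8 random octets with the top bit cleared.

    Keeps the INTEGER positive in 8 octets, but only 63 random bits
    survive and the result can be zero.
    """
    raw = int.from_bytes(rand_bytes(RANDOM_OCTETS), "big")
    return raw & ((1 << 63) - 1)


def random_bits_retained(make_serial) -> int:
    """Count how many of the 64 generator bits influence the serial.

    Feeds constructed, deterministic inputs in place of the CSPRNG and
    flips one input bit at a time.
    """
    reference = make_serial(lambda n: bytes(n))
    retained = 0
    for bit in range(RANDOM_OCTETS * 8):
        flipped = (1 << bit).to_bytes(RANDOM_OCTETS, "big")
        if make_serial(lambda n, f=flipped: f) != reference:
            retained += 1
    return retained
```

With the prefix octet the DER content is always 9 octets long; the masked variant fits in 8 but fails a strict reading of "at least 64 bits".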