On Fri, Dec 1, 2017 at 12:34 PM, Jakob Bohm via dev-security-policy < [email protected]> wrote:
> On 01/12/2017 17:06, Ryan Sleevi wrote: > >> On Fri, Dec 1, 2017 at 10:33 AM, Jakob Bohm via dev-security-policy < >> [email protected]> wrote: >> >>> >>> Depending on the prevalence of non-public CAs (not listed in public >>> indexes) based on openssl (this would be a smallish company thing more >>> than a big enterprise thing), it might be useful to have *two* fixed >>> salt lengths for each combination of hash algorithm and RSA key length: >>> >>> 1. The salt length=hash length case previously suggested. >>> >>> 2. The salt length=largest permitted by RSA key length and hash length >>> (OpenSSL default). >>> >>> Each of these could still be defined in a memcmp-able way. >>> >>> >> Yes. You could add flexibility if there was both data to support it and >> justification for the added complexity (passed on to all consumers). >> >> I think there is a tremendously high bar to suggest such things are good, >> and I don't think it's much useful to discuss what's possible without >> having a position in favor (and data to support) or against (and data to >> support). >> >> > I am saying someone with the resources should check if there is such > data. > I'm not disagreeing with you that's a potential step. I'm saying that unless you're stepping up with that data, then describing how and saying someone should do it - without data to support its necessity or lack thereof - isn't as useful. That is, you've described a possible hypothetical scenario. You've described how it could be measured. We could rathole into the discussions about the challenges in such measurement (and the time to gather such data), but such a discussion would not be useful without some initial sense of how realistic that hypothetical is. We know, from the facts of the matter, that the realistic nature of that hypothetical is low, and furthermore, given the facts, the relative impact of said hypothetical is low. So I don't think it's necessary useful to discuss what we could do to support an unmeasured hypothetical whose prevalence can be empirically deduced to be low apriori. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
