On Thu, Mar 7, 2019 at 7:47 PM Peter Gutmann via dev-security-policy < [email protected]> wrote:
> > 0. Given that the value of 64 bits was pulled out of thin air (or possibly
> > less well-lit regions), does it really matter whether it's 63 bits, 64
> > bits, 65 3/8th bits, or e^i*pi bits?
>
> I was actually joking on Twitter...

Let's say there's a CA that specializes in -- among other things -- special requests...

What if they typically utilize 71 bits of entropy, encoded with a fixed high-order bit value of 0, to ensure no extra encoding, and the 7/8 of one byte + the following 8 bytes are fully populated with 71 bits of entropy as requested from an appropriate entropy source...

What if a special customer (who may be a degenerate gambler, but isn't necessarily -- it's merely theorized) insists that they're only going to accept a "lucky" certificate whose overall serial number decimal value is any one of the set of any and all prime numbers which may be expressed in the range of 71-bit unsigned integers?

Can the CA's agent just request the cert, review the to-be-signed certificate data, and reject and retry until they land on a prime? Then issue that certificate?

Does current policy address that? Should it?

_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
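The entropy question raised in the post above can be put to numbers. The following is an added worked example, not code from the thread or from any CA: it assumes, as the post describes, a serial drawn uniformly from the 71-bit range [0, 2^71), and it models the agent's reject-and-retry loop as rejection sampling, whose output is uniform over the primes in that range. The effective entropy of the issued serial is therefore log2(number of 71-bit primes), which the prime number theorem puts at roughly 71 minus log2(71 ln 2), about 65.4 bits. The sieve-based exact count is only used at small bit widths to show that the estimate is close; the Miller-Rabin routine and the simulation loop are constructed for this example.

```python
import math
import random

# Miller-Rabin with these fixed bases is deterministic for every n < 3.3e24,
# which comfortably covers 71-bit serials (2**71 is about 2.4e21).
_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n: int) -> bool:
    """Deterministic Miller-Rabin primality test for n < 3.3e24."""
    if n < 2:
        return False
    for p in _MR_BASES:              # cheap trial division first
        if n % p == 0:
            return n == p
    d, s = n - 1, 0                  # write n-1 = d * 2**s with d odd
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False             # a is a witness: n is composite
    return True


def count_primes_below(n: int) -> int:
    """Exact count of primes in [0, n) via a sieve; for small n only."""
    if n < 3:
        return 0
    sieve = bytearray([1]) * n
    sieve[0] = sieve[1] = 0
    for i in range(2, int(n ** 0.5) + 1):
        if sieve[i]:
            sieve[i * i::i] = bytearray(len(range(i * i, n, i)))
    return sum(sieve)


def entropy_bits_exact(bits: int) -> float:
    """Entropy (bits) of a uniform prime in [0, 2**bits), from the exact count."""
    return math.log2(count_primes_below(2 ** bits))


def entropy_bits_estimate(bits: int) -> float:
    """Prime-number-theorem estimate: pi(2**b) ~ 2**b / ln(2**b)."""
    return bits - math.log2(bits * math.log(2))


def expected_attempts(bits: int) -> float:
    """Mean number of draws before the retry loop lands on a prime."""
    return bits * math.log(2)


def lucky_serial(bits: int, seed=None):
    """Simulate the agent's reject-and-retry loop; returns (serial, attempts)."""
    rng = random.Random(seed)        # seeded only so the demo is repeatable
    attempts = 0
    while True:
        attempts += 1
        serial = rng.getrandbits(bits)   # uniform over [0, 2**bits)
        if is_prime(serial):
            return serial, attempts


if __name__ == "__main__":
    # Small width: exact count and estimate side by side.
    print("16-bit: exact %.2f bits, estimate %.2f bits"
          % (entropy_bits_exact(16), entropy_bits_estimate(16)))
    # The post's width: estimate only (sieving 2**71 is not feasible).
    print("71-bit serial restricted to primes: about %.2f bits of entropy, "
          "roughly %.0f draws per issued certificate"
          % (entropy_bits_estimate(71), expected_attempts(71)))
    serial, tries = lucky_serial(71, seed=2019)
    print("simulated 'lucky' serial %d found after %d attempts" % (serial, tries))
```

The loss is modest (about 5.6 bits of the 71) because primes are dense enough in that range, but it is a real reduction and a CA could reason about it exactly this way before deciding whether such a request is compatible with its stated entropy claim.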

