On Friday, March 15, 2019 at 12:45:39 PM UTC-7, Ryan Sleevi wrote:
> On Fri, Mar 15, 2019 at 3:35 PM Daymion Reynolds via dev-security-policy <[email protected]> wrote:
>
> > On Wednesday, March 13, 2019 at 8:17:00 PM UTC-4, Daymion Reynolds wrote:
> >
> > In accordance with our conversations to date, prior to 3/7 6:30pm AZ
> > we utilized raw 64 bit output from CSPRNG, with uniqueness and non zero
> > checks. This new understanding of the rules calls for us to modify our
> > original disclosure to 0 affected certificates.
> >
> > Please read through earlier posts discussing this.
>
> Daymion,
>
> I was hoping you could respond more. I think based on the discussion on the
> list to date, it's actually not clear that GoDaddy was compliant (as noted
> in [1]), and Adam's response seems to support that.
>
> A filtering algorithm that "returns 64 random bits from a CSPRNG with at
> least one bit in the highest byte set to 1" is fairly ambiguous. If you're
> returning 64 random bits AND a byte with at least one bit set to one,
> that's different than returning 64 random bits and discarding values which
> don't have a bit in the high byte set to one.
>
> [1]
> https://groups.google.com/d/msg/mozilla.dev.security.policy/S2KNbJSJ-hs/ydp17Nz7BgAJ
>
> [2]
> https://groups.google.com/d/msg/mozilla.dev.security.policy/S2KNbJSJ-hs/2UIea4fyBgAJ

I am investigating as it does not match my understanding.
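
The two readings of the quoted filtering description, worked through as an added example that is not part of the original thread and does not model any CA's actual implementation. The function names are hypothetical, and drawing the extra byte uniformly from 1..255 is an assumption.

```python
import math
import secrets


def serial_discarding(bits=64):
    """Reading 1: draw `bits` CSPRNG bits; discard and redraw any value
    whose highest byte is zero."""
    while True:
        value = secrets.randbits(bits)
        if value >> (bits - 8):
            return value


def serial_with_extra_byte(bits=64):
    """Reading 2: keep all `bits` CSPRNG bits unfiltered and prepend a
    separate byte with at least one bit set (assumed uniform in 1..255)."""
    high = secrets.randbelow(255) + 1
    return (high << bits) | secrets.randbits(bits)


def surviving_values(bits):
    """Exhaustively count values that pass the high-byte filter.
    Only practical for small widths; used to check the closed form."""
    return sum(1 for v in range(2 ** bits) if v >> (bits - 8))


def entropy_discarding(bits=64):
    """Entropy in bits of a uniform draw over the values the filter keeps:
    2^bits minus the 2^(bits-8) values whose highest byte is zero."""
    return math.log2(2 ** bits - 2 ** (bits - 8))


def entropy_with_extra_byte(bits=64):
    """The random bits are untouched; the extra byte adds log2(255)."""
    return bits + math.log2(255)


if __name__ == "__main__":
    print(f"discard high-byte-zero values: {entropy_discarding():.5f} bits")
    print(f"64 raw bits plus nonzero byte: {entropy_with_extra_byte():.5f} bits")
    print(f"16-bit check, values kept:     {surviving_values(16)} of {2 ** 16}")
```

Discarding removes 2^56 of the 2^64 possible values, so the serial carries slightly less than 64 bits, while the second reading leaves the full 64 random bits intact.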

