On Friday, March 15, 2019 at 12:53:15 PM UTC-7, Daymion Reynolds wrote:
> On Friday, March 15, 2019 at 12:45:39 PM UTC-7, Ryan Sleevi wrote:
> > On Fri, Mar 15, 2019 at 3:35 PM Daymion Reynolds via dev-security-policy <
> > [email protected]> wrote:
> > 
> > > > On Wednesday, March 13, 2019 at 8:17:00 PM UTC-4, Daymion Reynolds 
> > > > wrote:
> > > >
> > > > > In accordance with our conversations to date, prior to 3/7 6:30pm AZ
> > > we utilized raw 64 bit output from CSPRNG, with uniqueness and non zero
> > > checks. This new understanding of the rules calls for us to modify our
> > > original disclosure to 0 affected certificates.
> > >
> > > Please read through earlier posts discussing this.
> > >
> > 
> > Daymion,
> > 
> > I was hoping you could respond more. I think based on the discussion on the
> > list to date, it's actually not clear that GoDaddy was compliant (as noted
> > in [1]), and Adam's response seems to support that.
> > 
> > A filtering algorithm that "returns 64 random bits from a CSPRNG with at
> > least one bit in the highest byte set to 1" is fairly ambiguous. If you're
> > returning 64 random bits AND a byte with at least one bit set to one,
> > that's different than returning 64 random bits and discarding values which
> > don't have a bit in the high byte set to one.
> > 
> > [1]
> > https://groups.google.com/d/msg/mozilla.dev.security.policy/S2KNbJSJ-hs/ydp17Nz7BgAJ
> > 
> > [2]
> > https://groups.google.com/d/msg/mozilla.dev.security.policy/S2KNbJSJ-hs/2UIea4fyBgAJ
> 
> 
> I am investigating as it does not match my understanding.

The timeline does match expectation. 
When the 64bit issue was escalated, GoDaddy decided to apply a fix on 3/7 to 
meet our BR interpretation of certificate must be “containing at least 64 bits 
of OUTPUT”. The fastest change was to set a minimum value. This is the source 
of the most significant bit you are referencing.
https://groups.google.com/d/msg/mozilla.dev.security.policy/S2KNbJSJ-hs/F8AS4MNVCAAJ
 

On 3/12 we discussed what 64bits meant[1], and had agreement from Ryan Sleevi[2] 
that any most significant bit would be acceptable. We made the change later that 
same day to the described configuration. 
[1] https://groups.google.com/d/msg/mozilla.dev.security.policy/S2KNbJSJ-hs/2UIea4fyBgAJ
[2] https://groups.google.com/d/msg/mozilla.dev.security.policy/S2KNbJSJ-hs/HeCLu1rzBgAJ


Lastly, it was identified/discussed that since we were STARTING with 64bits it was 
acceptable. Therefore, GoDaddy was in compliance prior to 3/7. After this 
discussion we changed back to the pre 3/7 configuration on 3/13.
https://groups.google.com/d/msg/mozilla.dev.security.policy/S2KNbJSJ-hs/vqt_XWX6CgAJ
 
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
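
The two readings of "64 random bits from a CSPRNG with at least one bit in the highest byte set to 1" that Ryan Sleevi distinguishes in the quoted message, as an added example that is not part of the thread and is not GoDaddy's code. The function names and the fixed 0x01 prefix byte are assumptions made for illustration.

```python
import math
import secrets


def serial_discard_zero_high_byte() -> int:
    """Reading A: draw 64 bits and discard any draw whose highest byte is 0x00."""
    while True:
        value = secrets.randbits(64)
        if value >> 56:  # at least one bit set in the highest byte
            return value


def serial_with_separate_high_byte() -> int:
    """Reading B: 64 untouched CSPRNG bits AND a separate byte with a bit set."""
    prefix = 0x01  # assumed constant; it contributes no entropy
    return (prefix << 64) | secrets.randbits(64)


def outcomes_after_discard(total_bits: int = 64, high_bits: int = 8) -> int:
    """Number of values that survive the filter in reading A.

    Every value whose top `high_bits` bits are all zero is rejected,
    which removes 2**(total_bits - high_bits) of the 2**total_bits draws.
    """
    return 2**total_bits - 2 ** (total_bits - high_bits)


def entropy_bits(outcomes: int) -> float:
    """Entropy in bits of a uniform choice among `outcomes` values."""
    return math.log2(outcomes)


if __name__ == "__main__":
    a = entropy_bits(outcomes_after_discard())  # 56 + log2(255)
    b = entropy_bits(2**64)                     # the random part of reading B
    print(f"reading A (discard): {a:.6f} bits over 64-bit serials")
    print(f"reading B (extra byte): {b:.6f} bits over 72-bit serials")
    print(f"sample A: {serial_discard_zero_high_byte():#018x}")
    print(f"sample B: {serial_with_separate_high_byte():#020x}")
```
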
