Hi, I'm not entirely sure if this is the right place to discuss this, but I also don't really know where else.
Do people have thoughts about suspicious keys like this? https://crt.sh/?id=8093628131 (Have a look at the modulus / N value, it has a lot of zeros) This key is certainly not securely generated. What I am wondering: * What caused such a key to be created? * Can it be broken? * Anyone aware of any analysis or relevant research for keys with suspicious patterns? * Should CAs be under any obligation to detect and reject such keys? (I am detecting such keys in badkeys by looking for 16 repeating bytes, which I consider as practically impossible to happen by chance in a proper key generation process.) -- Hanno Böck https://hboeck.de/ -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/20221203204840.1d25853a%40computer.
