The certificate has been revoked and replaced by the subscriber. The private key has been factored by remy_o, who says:
> the modulus that be factored by considering it as a polynomial of base 2^160 and using standard algebra software On Sat, Dec 3, 2022 at 2:48 PM Hanno Böck <[email protected]> wrote: > Hi, > > I'm not entirely sure if this is the right place to discuss this, but > I also don't really know where else. > > Do people have thoughts about suspicious keys like this? > https://crt.sh/?id=8093628131 > (Have a look at the modulus / N value, it has a lot of zeros) > > This key is certainly not securely generated. What I am wondering: > * What caused such a key to be created? > * Can it be broken? > * Anyone aware of any analysis or relevant research for keys with > suspicious patterns? > * Should CAs be under any obligation to detect and reject such keys? > > (I am detecting such keys in badkeys by looking for 16 repeating bytes, > which I consider as practically impossible to happen by chance in a > proper key generation process.) > > -- > Hanno Böck > https://hboeck.de/ > > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/20221203204840.1d25853a%40computer > . > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAKh5S0bOBqk2Xb8Qk%2BWKH8ZN3XMb2GoeBw%2Bv0wUDTA_vUL03Ug%40mail.gmail.com.
