Hi Tom,
Tom Smyth wrote on Wed, Mar 13, 2019 at 08:32:20PM +:
> Just saw the following article and i was wondering if libressl
> Might be affected by the bug also
> Top bit being set to 0 always making an effective 63 bits rather than 64
> bits
If i understand the article you quote correctly, is is about a minor
bug in some CA softwares (i.e. softwares used to operate certificate
authorities). As far as i am aware, LibreSSL does *not* include any
software that can be used to operate a certificate authority.
The "openssl ca" subcommand of openssl(1) definitely does not count.
The openssl(1) utility is a *testing tool* and must not be used for
any kind of production purposes.
So i don't see how LibreSSL could possibly be affected.
If you still think it might be, please consider stating more precisely
which part of LibreSSL (i.e. which library function) you fear might
be broken in precisely which way.
> https://www.theregister.co.uk/2019/03/13/tls_cert_revoke_ejbca_config/
My impression is that the most important sentence from that article is
the following:
While the serial number security issue is largely theoretical -
63 bits leaves plenty of space to fend off collision attacks,
even if it's not compliant with the spec [...]
That means this is unlikely to be a security issue in the first
place but looks more like a minor bug where some software is
gratutiosly violating a specification. Sure, specifications should
not be set aside without a good reason, and certainly not accidentally,
and bugs ought to be fixed, but i fail to see any indication that
this bug might be more important than other run-of-the-mill bugs.
Please take this with a grain of salt: while i did occasionally
work on LibreSSL documentation in the past, my knowledge and
experience in matters of cryptography and PKI is very limited.
But i thought quick feedback might help to discourage people from
panicking.
Also, if you want to continue this discussion, i suggest moving
to misc@. You didn't include a patch! ;-)
Yours,
Ingo