RE: Certificates with less than 64 bits of entropy

2017-08-19 Thread Stephen Davidson via dev-security-policy
-security-policy@lists.mozilla.org] Sent: Saturday, August 19, 2017 12:06 PM To: Stephen Davidson Cc: r...@sleevi.com; mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: Certificates with less than 64 bits of entropy On Fri, Aug 18, 2017 at 12:04 PM, Stephen Davidson via dev-security-policy

Re: Certificates with less than 64 bits of entropy

2017-08-19 Thread Eric Mill via dev-security-policy
On Fri, Aug 18, 2017 at 12:04 PM, Stephen Davidson via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > > 4) The list of affected certificates is attached in spreadsheet > form; they will be uploaded to CT as well. You will note that the number > has declined – Siemens'

Re: Certificates with less than 64 bits of entropy

2017-08-18 Thread Matt Palmer via dev-security-policy
On Fri, Aug 18, 2017 at 04:04:48PM +, Stephen Davidson via dev-security-policy wrote: > Siemens has previously indicated that the affected certificates are > installed on high profile websites and infrastructure for Siemen’s group > companies around the world, and that a rushed revocation

RE: Certificates with less than 64 bits of entropy

2017-08-18 Thread Stephen Davidson via dev-security-policy
Thanks Ryan, and I note your further posting regarding prompt response.  Noting your desire for detail, I have hesitated to respond with partial answers as both Siemens and QuoVadis are working hard to fix the issues with the Siemens CA and to replace the certificates as quickly as possible.

Re: Certificates with less than 64 bits of entropy

2017-08-18 Thread Ryan Sleevi via dev-security-policy
On Fri, Aug 18, 2017 at 1:34 AM Jakob Bohm via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > Since QuoVadis has not yet responded, let me point to a few (partial) > answers already known from previous messages from QuoVadis or others: I believe it would be far more

Re: Certificates with less than 64 bits of entropy

2017-08-17 Thread Jakob Bohm via dev-security-policy
org> wrote: Update on Siemens - Certificates with less than 64 bits of entropy The following is regarding the topic https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/vl5eq0PoJxY regarding the “Siemens Issuing CA Internet Server 2016” that is root signed by QuoVadis and indepen

Re: Certificates with less than 64 bits of entropy

2017-08-15 Thread Vincent Lynch via dev-security-policy
For posterity, here is a link to a separate thread started by D-Trust containing their response to this report: https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/UnR98QjWQQs -Vincent ___ dev-security-policy mailing list

RE: Certificates with less than 64 bits of entropy

2017-08-15 Thread Stephen Davidson via dev-security-policy
Update on Siemens - Certificates with less than 64 bits of entropy The following is regarding the topic https://groups.google.com/forum/#!topic/mozilla.dev.security.policy/vl5eq0PoJxY regarding the “Siemens Issuing CA Internet Server 2016” that is root signed by QuoVadis and independently

RE: Certificates with less than 64 bits of entropy

2017-08-14 Thread Ben Wilson via dev-security-policy
As previously noted on this list, there are two Siemens CAs that have issued certificates with less than 64 bits of entropy. See https://misissued.com/batch/6/ The Siemens Issuing CA Internet 2013 is subordinate to a DigiCert-owned root, and the Siemens Issuing CA Internet 2016 is signed by Quo

Re: Certificates with less than 64 bits of entropy

2017-08-13 Thread Nick Lamb via dev-security-policy
On Sunday, 13 August 2017 04:04:45 UTC+1, Eric Mill wrote: > While not every issuing CA may take security seriously enough to employ > engineers on staff who can research, author and deploy a production code > fix in a 24 hour period, every issuing CA should be able to muster the > strength to

RE: Certificates with less than 64 bits of entropy

2017-08-12 Thread Ben Wilson via dev-security-policy
a-dev-security-pol...@lists.mozilla.org; Jeremy Rowley <jeremy.row...@digicert.com> Subject: Re: Certificates with less than 64 bits of entropy If they're not going to revoke within 24 hours and willingly violate that part of the policy, I would at least expect them to, within that 24 hours

Re: Certificates with less than 64 bits of entropy

2017-08-12 Thread Eric Mill via dev-security-policy
gt; > Cc: Jeremy Rowley <jeremy.row...@digicert.com>; Jonathan Rudenberg < > jonat...@titanous.com>; mozilla-dev-security-pol...@lists.mozilla.org > Subject: Re: Certificates with less than 64 bits of entropy > > > > Have they fixed whatever issue there is with

Re: Certificates with less than 64 bits of entropy

2017-08-11 Thread David E. Ross via dev-security-policy
On 8/11/2017 7:26 AM, Ben Wilson wrote: > > With regard to Siemens, given the large number of certificates and > the disruption that massive revocations will have on their > infrastructure, what does this community expect them to do? > Each violation of published requirements for the operation

RE: Certificates with less than 64 bits of entropy

2017-08-11 Thread Ben Wilson via dev-security-policy
a-dev-security-pol...@lists.mozilla.org Subject: Re: Certificates with less than 64 bits of entropy They are no longer issuing from the digicert cross. The issue is within their PKI but there should be no additional certificates chained to DigiCert roots On Aug 11, 2017, at 8:33 AM, B

Re: Certificates with less than 64 bits of entropy

2017-08-11 Thread Jeremy Rowley via dev-security-policy
ists.mozilla.org<mailto:mozilla-dev-security-pol...@lists.mozilla.org> Subject: Re: Certificates with less than 64 bits of entropy Have they fixed whatever issue there is with their PKI infrastructure that leads to this issue? From skimming, I see this pool contains certs issued as recently as one m

RE: Certificates with less than 64 bits of entropy

2017-08-11 Thread Ben Wilson via dev-security-policy
: Friday, August 11, 2017 8:31 AM To: Ben Wilson <ben.wil...@digicert.com> Cc: Jeremy Rowley <jeremy.row...@digicert.com>; Jonathan Rudenberg <jonat...@titanous.com>; mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: Certificates with less than 64 bits of entropy Have t

Re: Certificates with less than 64 bits of entropy

2017-08-11 Thread Alex Gaynor via dev-security-policy
urity-policy-bounces+ben= > digicert@lists.mozilla.org] On Behalf Of Jeremy Rowley via > dev-security-policy > Sent: Thursday, August 10, 2017 12:01 PM > To: Jonathan Rudenberg <jonat...@titanous.com>; > mozilla-dev-security-pol...@lists.mozilla.org > Subject: RE: Certi

RE: Certificates with less than 64 bits of entropy

2017-08-11 Thread Ben Wilson via dev-security-policy
@lists.mozilla.org] On Behalf Of Jeremy Rowley via dev-security-policy Sent: Thursday, August 10, 2017 12:01 PM To: Jonathan Rudenberg <jonat...@titanous.com>; mozilla-dev-security-pol...@lists.mozilla.org Subject: RE: Certificates with less than 64 bits of entropy Hi Jonathan, InfoCert's

Re: Certificates with less than 64 bits of entropy

2017-08-10 Thread Matthew Hardeman via dev-security-policy
On Thursday, August 10, 2017 at 11:27:53 AM UTC-5, Nick Lamb wrote: > The truth is that there is no positive test for randomness, any work in this > area is going to end up needing a judgement call, so I think inconveniencing > the CAs even a small amount with such a policy change just to make

RE: Certificates with less than 64 bits of entropy

2017-08-10 Thread Jeremy Rowley via dev-security-policy
@lists.mozilla.org] On Behalf Of Jonathan Rudenberg via dev-security-policy Sent: Thursday, August 10, 2017 9:26 AM To: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: Certificates with less than 64 bits of entropy > On Aug 10, 2017, at 11:20, Jonathan Rudenberg via dev-security-pol

Re: Certificates with less than 64 bits of entropy

2017-08-10 Thread Nick Lamb via dev-security-policy
On Thursday, 10 August 2017 16:20:56 UTC+1, Jonathan Rudenberg wrote: - Three intermediates, "TeleSec ServerPass Class 2 CA”, "Go Daddy Secure Certificate Authority - G2”, and "Starfield Secure Certificate Authority - G2”, (which are not in this list) appear to issue certificates with serial

Re: Certificates with less than 64 bits of entropy

2017-08-10 Thread Jonathan Rudenberg via dev-security-policy
> On Aug 10, 2017, at 11:20, Jonathan Rudenberg via dev-security-policy > wrote: > > QuoVadis (560) >Siemens Issuing CA Internet Server 2016 (560) > > D-TRUST (224) >D-TRUST SSL Class 3 CA 1 2009 (178) >D-TRUST SSL Class 3 CA 1 EV 2009 (45) >

Certificates with less than 64 bits of entropy

2017-08-10 Thread Jonathan Rudenberg via dev-security-policy
Baseline Requirements section 7.1 says: > Effective September 30, 2016, CAs SHALL generate non‐sequential Certificate > serial numbers greater than zero (0) containing at least 64 bits of output > from a CSPRNG. There are 1027 unexpired unrevoked certificates known to CT with a notBefore date