On Fri, Dec 1, 2017 at 12:34 PM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> On 01/12/2017 17:06, Ryan Sleevi wrote:
>
>> On Fri, Dec 1, 2017 at 10:33 AM, Jakob Bohm via dev-security-policy <
>> dev-security-policy@lists.mozilla.org> wrote:
>>
>>>
>>>
On Fri, Dec 1, 2017 at 11:20 AM, Hubert Kario wrote:
> On Friday, 1 December 2017 17:11:56 CET Ryan Sleevi wrote:
> > On Fri, Dec 1, 2017 at 10:23 AM, Hubert Kario wrote:
> > > and fine for NSS too, if that changes don't have to be implemented in
> next
> >
On 01/12/2017 17:06, Ryan Sleevi wrote:
On Fri, Dec 1, 2017 at 10:33 AM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
Depending on the prevalence of non-public CAs (not listed in public
indexes) based on openssl (this would be a smallish company thing more
On Friday, 1 December 2017 17:11:56 CET Ryan Sleevi wrote:
> On Fri, Dec 1, 2017 at 10:23 AM, Hubert Kario wrote:
> > and fine for NSS too, if that changes don't have to be implemented in next
> > month or two, but have to be implemented before NSS with final TLS 1.3
> >
On Friday, 1 December 2017 16:33:10 CET Jakob Bohm via dev-security-policy
wrote:
> On 01/12/2017 16:23, Hubert Kario wrote:
> > On Friday, 1 December 2017 15:33:30 CET Ryan Sleevi wrote:
> >> On Fri, Dec 1, 2017 at 7:34 AM, Hubert Kario wrote:
> It does feel like again
On Fri, Dec 1, 2017 at 10:23 AM, Hubert Kario wrote:
>
> > - Windows and NSS both apply DER-like BER parsers and do not strictly
> > reject (Postel's principle, despite Postel-was-wrong)
>
> NSS did till very recently reject them, OpenSSL 1.0.2 still rejects them
> (probably
On Fri, Dec 1, 2017 at 10:33 AM, Jakob Bohm via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
>
> Depending on the prevalence of non-public CAs (not listed in public
> indexes) based on openssl (this would be a smallish company thing more
> than a big enterprise thing), it
On 01/12/2017 16:23, Hubert Kario wrote:
On Friday, 1 December 2017 15:33:30 CET Ryan Sleevi wrote:
On Fri, Dec 1, 2017 at 7:34 AM, Hubert Kario wrote:
It does feel like again the argument is The CA/EE should say 'I won't do
X'
so that a client won't accept a signature
On Friday, 1 December 2017 15:33:30 CET Ryan Sleevi wrote:
> On Fri, Dec 1, 2017 at 7:34 AM, Hubert Kario wrote:
> > > It does feel like again the argument is The CA/EE should say 'I won't do
> >
> > X'
> >
> > > so that a client won't accept a signature if the CA does X,
On Fri, Dec 1, 2017 at 7:34 AM, Hubert Kario wrote:
> > It does feel like again the argument is The CA/EE should say 'I won't do
> X'
> > so that a client won't accept a signature if the CA does X, except it
> > doesn't change the security properties at all if the CA/EE does
On Thursday, 30 November 2017 21:49:42 CET Ryan Sleevi wrote:
> On Thu, Nov 30, 2017 at 3:23 PM, Hubert Kario wrote:
> > On Thursday, 30 November 2017 18:46:12 CET Ryan Sleevi wrote:
> > > On Thu, Nov 30, 2017 at 12:21 PM, Hubert Kario
> >
> > wrote:
> > >
On Thu, Nov 30, 2017 at 3:23 PM, Hubert Kario wrote:
> On Thursday, 30 November 2017 18:46:12 CET Ryan Sleevi wrote:
> > On Thu, Nov 30, 2017 at 12:21 PM, Hubert Kario
> wrote:
> > > if the certificate is usable with PKCS#1 v1.5 signatures, it makes it
> >
On Thursday, 30 November 2017 18:46:12 CET Ryan Sleevi wrote:
> On Thu, Nov 30, 2017 at 12:21 PM, Hubert Kario wrote:
> > if the certificate is usable with PKCS#1 v1.5 signatures, it makes it
> > vulnerable to attacks like the Bleichenbacher, if it is not usable with
> > PKCS#1
On Thu, Nov 30, 2017 at 12:21 PM, Hubert Kario wrote:
> if the certificate is usable with PKCS#1 v1.5 signatures, it makes it
> vulnerable to attacks like the Bleichenbacher, if it is not usable with
> PKCS#1
> v1.5 it's not vulnerable in practice to such attacks
>
A
On Wednesday, 29 November 2017 21:59:39 CET Ryan Sleevi wrote:
> On Wed, Nov 29, 2017 at 1:09 PM, Hubert Kario wrote:
> > > So are you stating you do not believe cross-algorithm attacks are
> >
> > relevant?
> >
> > No, I don't believe that cross-algorithm attacks from
On Wed, Nov 29, 2017 at 1:09 PM, Hubert Kario wrote:
> > The extent of the argument for flexibility, so far, has been OpenSSL's
> > behaviour to produce RSA-PSS signatures with a maximal salt length. These
> > same clients are also incapable of parsing RSA-PSS SPKIs (that only
On Wednesday, 29 November 2017 17:00:58 CET Ryan Sleevi wrote:
> On Wed, Nov 29, 2017 at 7:55 AM, Hubert Kario via dev-security-policy <
>
> dev-security-policy@lists.mozilla.org> wrote:
> > Because I do not consider making the salt length rigid (one value allowed
> > for
> > every hash) to be of
On Wed, Nov 29, 2017 at 7:55 AM, Hubert Kario via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
>
>
> > The fact that this new NSS implementation does not properly validate the
> > well-formedness of these signatures is somewhat in conflict with your
> > statement:
> > ""it
On Tue, Nov 28, 2017 at 8:04 AM, Hubert Kario wrote:
> On Monday, 27 November 2017 23:37:59 CET Ryan Sleevi wrote:
> > On Mon, Nov 27, 2017 at 4:51 PM, Hubert Kario wrote:
> > > > So no, we should not assume well-meaning actors, and we should be
> > >
> > >
On Monday, 27 November 2017 23:37:59 CET Ryan Sleevi wrote:
> On Mon, Nov 27, 2017 at 4:51 PM, Hubert Kario wrote:
> > > So no, we should not assume well-meaning actors, and we should be
> >
> > explicit
> >
> > > about what the "intention" of the RFCs is, and whether they
On Mon, Nov 27, 2017 at 4:51 PM, Hubert Kario wrote:
>
> > First, I absolutely disagree with your assumption - we need to assume
> > hostility, and design our code and policies to be robust against that. I
> > should hope that was uncontroversial, but it doesn't seem to be.
>
>
On Monday, 27 November 2017 20:31:53 CET Ryan Sleevi wrote:
> On Mon, Nov 27, 2017 at 12:54 PM, Hubert Kario wrote:
> > > On the realm of CA policy, we're discussing two matters:
> > > 1) What should the certificates a CA issue be encoded as
> > > 2) How should the CA protect
On Mon, Nov 27, 2017 at 12:54 PM, Hubert Kario wrote:
>
> > On the realm of CA policy, we're discussing two matters:
> > 1) What should the certificates a CA issue be encoded as
> > 2) How should the CA protect and use its private key.
> >
> > While it may not be immediately
On Monday, 27 November 2017 17:28:02 CET Ryan Sleevi wrote:
> On Thu, Nov 23, 2017 at 7:07 AM, Hubert Kario via dev-security-policy <
>
> dev-security-policy@lists.mozilla.org> wrote:
> > In response to comment made by Gervase Markham[1], pointing out that
> > Mozilla
> > doesn't have an official
On Thu, Nov 23, 2017 at 7:07 AM, Hubert Kario via dev-security-policy <
dev-security-policy@lists.mozilla.org> wrote:
> In response to comment made by Gervase Markham[1], pointing out that
> Mozilla
> doesn't have an official RSA-PSS usage policy.
>
> This is the thread to discuss it and make a
25 matches
Mail list logo