Hi Tom, Tom Smyth wrote on Wed, Mar 13, 2019 at 08:32:20PM +0000:
> Just saw the following article and i was wondering if libressl > Might be affected by the bug also > Top bit being set to 0 always making an effective 63 bits rather than 64 > bits If i understand the article you quote correctly, is is about a minor bug in some CA softwares (i.e. softwares used to operate certificate authorities). As far as i am aware, LibreSSL does *not* include any software that can be used to operate a certificate authority. The "openssl ca" subcommand of openssl(1) definitely does not count. The openssl(1) utility is a *testing tool* and must not be used for any kind of production purposes. So i don't see how LibreSSL could possibly be affected. If you still think it might be, please consider stating more precisely which part of LibreSSL (i.e. which library function) you fear might be broken in precisely which way. > https://www.theregister.co.uk/2019/03/13/tls_cert_revoke_ejbca_config/ My impression is that the most important sentence from that article is the following: While the serial number security issue is largely theoretical - 63 bits leaves plenty of space to fend off collision attacks, even if it's not compliant with the spec [...] That means this is unlikely to be a security issue in the first place but looks more like a minor bug where some software is gratutiosly violating a specification. Sure, specifications should not be set aside without a good reason, and certainly not accidentally, and bugs ought to be fixed, but i fail to see any indication that this bug might be more important than other run-of-the-mill bugs. Please take this with a grain of salt: while i did occasionally work on LibreSSL documentation in the past, my knowledge and experience in matters of cryptography and PKI is very limited. But i thought quick feedback might help to discourage people from panicking. Also, if you want to continue this discussion, i suggest moving to misc@. You didn't include a patch! ;-) Yours, Ingo
