[TLS] Issue 30: Reject RSA public exponent 1
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[TLS] Issue 30: Reject RSA public exponent 1
http://www3.tools.ietf.org/wg/tls/trac/ticket/30
Nelson Bolyard writes:
Some time ago, mozilla was modified to detect and reject RSA
keys with public exponents equal to 1. Presumably, the
readers of this list need no explanation of the implications
of such keys.
Now, mozilla users are encountering web sites whose certs have
such keys. At least one public CA has apparently issued one
or more such certs.
I'm reporting this here to alert the readers of this list who
may wish to ensure that their implementations detect such
keys, and to suggest that perhaps the TLS RFC should
explicitly forbid the use of any public keys (RSA or
otherwise) that facilitate such weak encryption and/or
authentication by requiring implentations to detect and reject
them.
My general feeling is that there are a broad category of "good crypto
practices" issues that don't apply specifically to TLS. I'd love to
see an RFC on them, but would rather not see them in TLS proper
since they need to be duplicated in every crypto-using RFC.
Proposed resolution: do nothing.
-Ekr
_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
