Ballot SC073: Compromised and weak keys

Ballot overview (SC-073: Compromised and weak keys)

• The ballot proposes updates to the Baseline Requirements for the Issuance and Management of Publicly-Trusted TLS Server Certificates related to weak and compromised private keys.
• The changes are primarily in Section 6.1.1.3:
  • 6.1.1.3(4) clarifies that CAs shall be made aware of compromised keys using their existing notification mechanism(s).
  • 6.1.1.3(5) improves guidance for CAs around the detection of weak keys.
• The ballot page states that if the ballot passes, these changes become effective on November 15, 2024.

Voting and adoption checks

• Voting Results:
  • 23 Certificate Issuers voted YES; 0 voted NO; 0 abstained.
  • 1 Certificate Consumer voted YES; 0 voted NO; 0 abstained.
• Bylaws Requirements:
  • Bylaw 2.3(6) requirements were MET (2/3 or more of Voting Members in the Certificate Issuer category in favor; and 50%+1 in the Certificate Consumer category in favor).
  • Bylaw 2.3(7) quorum requirement was MET (quorum was 14 for this ballot).

IPR review period and exclusion notice process

• Review Notice (Final Maintenance Guideline) states:
  • Start of Review Period: 6 May 2024 at 10:00 UTC
  • End of Review Period: 6 June 2024 at 10:00 UTC
  • Members with Essential Claims to exclude must forward a written Notice to Exclude Essential Claims to the Working Group Chair and also submit a copy to the CA/B Forum public mailing list before the end of the Review Period.

What the redline changes do (as reflected in the provided evidence)

• The redline updates the Baseline Requirements text related to key compromise and weak keys handling.
• It changes the condition for rejecting certificate requests based on weak keys and adds specific precautions for requests submitted on or after November 15, 2024, including:
  • Debian weak keys checks using the repository at https://github.com/cabforum/Debian-weak-keys/ (with additional conditions described in the redline).
  • ROCA vulnerability checks using https://github.com/crocs-muni/roca or equivalent.
  • Close Primes vulnerability checks using Fermat factorization within 100 rounds.
• The redline also updates how key compromise notifications are handled (e.g., referencing CA revocation request procedures and special requirements for re-key compromise).