Update on Debian Weak Keys repository

118 views

Skip to first unread message

Martijn Katerbarg

unread,

Jul 31, 2025, 11:41:51 AMJul 31

to 'Dimitris Zacharopoulos (HARICA)' via Server Certificate WG (CA/B Forum)

All,

As was just announced on the SCWG call, we (Rob at Sectigo) have recently generated the P521 set of Debian Weak Keys and added these to the upstream repository for https://github.com/cabforum/Debian-weak-keys/.

We’ve now synced the fork available on https://github.com/cabforum/Debian-weak-keys/, to also contain this set of keys.

As I mentioned on the call, we do not interpret this as a requirement change. Any CA issuing P-521 ECC certificates was already required to confirm no Debian Weak Keys were being used, and would have had to generate this batch themselves.

Regards,

Martijn
Sectigo

Reply all

Reply to author

Forward

0 new messages