Agreed. (Although I don't think that it should weigh heavily if at all, I do want to note that there are use cases for other exponents outside of WebPKI, eg. https://datatracker.ietf.org/doc/draft-irtf-cfrg-partially-blind-rsa/02/ )
On Tue, Mar 17, 2026 at 4:16 PM David Adrian <[email protected]> wrote: > Given the PQ transition, this seems like a particularly low value use of > time, to fix something that doesn’t appear to be a problem. > > On Tue, Mar 17, 2026 at 2:28 AM Hanno Böck <[email protected]> wrote: > >> Hi, >> >> Thanks for that information. >> >> On Mon, 16 Mar 2026 14:40:37 -0700 (PDT) >> Wayne <[email protected]> wrote: >> >> > Baseline Requirements only care that it's greater than 3 and not odd, >> > and all of these are above 65537 but I think it's worth documenting >> > the outliers given they are few and far between. >> >> For what it's worth: I think that should be changed and e=65537 >> should be enforced. (I actually think it was a mistake to begin with >> to make RSA over-configurable, and the exponent should just be a fixed >> value and not part of the key.) >> >> There are a number of potential RSA weaknesses both with very small RSA >> exponents (Coppersmith/Håstad attack, Bleichenbacher's Signature >> Forgery Attack, BERserk) and with small private exponents (Wiener's >> attack) - which automatically leads to a large public exponent. >> Having a standard e value of 65537 avoids all of those. >> >> >> Given that non-standard e values are so rare, it may be time to just >> remove them from the WebPKI ecosystem. >> >> -- >> Hanno Böck >> https://hboeck.de/ >> >> -- >> You received this message because you are subscribed to the Google Groups >> "[email protected]" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion visit >> https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/20260317072808.7c8286ea%40hboeck.de >> . >> > -- > You received this message because you are subscribed to the Google Groups " > [email protected]" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion visit > https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CACf5n7_MhmW4tP%3Dy-%2BpWhhzj5MkB5SbreaCaKWUN5HxjW83vDQ%40mail.gmail.com > <https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CACf5n7_MhmW4tP%3Dy-%2BpWhhzj5MkB5SbreaCaKWUN5HxjW83vDQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/a/mozilla.org/d/msgid/dev-security-policy/CAMjbhoVrvi11hHsxKBJL50R8n3M2DMJ39G76Wmfdh-FEPi1r2Q%40mail.gmail.com.
