But in doing this, I can't figure out if there is a risk on serial
number size for a root CA cert as there is for any other cert.I don’t understand what attack you are concerned about, but the size of the serial number should not matter for *any* certificate. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
