In message <[EMAIL PROTECTED]> on Sun, 10 Oct 2004 18:16:21 -0700, Eric Rescorla <[EMAIL PROTECTED]> said:
ekr> Does anyone know the details of the certificate generation ekr> algorithms used by various CAs? Variants I've heard of are: - A simple counter starting at 0 (well, actually, I know this one, as that's what OpenSSL does :-)) - A simple counter starting with a random value (OpenSSL has an option for this). - A time-based value (I don't recall who did that) - A hash of some sort (I believe Verisign does that, among others) ----- Please consider sponsoring my work on free software. See http://www.free.lp.se/sponsoring.html for details. -- Richard Levitte \ Tunnlandsvägen 52 \ [EMAIL PROTECTED] [EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-708-26 53 44 \ SWEDEN \ Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ ----------------------------------------------------------------- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]