Matthew Hardeman via dev-security-policy <[email protected]> writes:
>One question: the choice of 20 bytes of serial number is an unusual length >for an integer type. It's not a nice clean power of 2. It doesn't align to >any native integer data type length on any platform I'm aware of. It exactly matches the SHA-1 hash size. SHA-1 was the universal go-to hash function when 2459 and its successors were created, and is implicitly hardcoded into various parts of the spec. See for example the suggestions for generating the keyIdentifier. Peter. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy

