Matt Palmer via dev-security-policy <dev-security-policy@lists.mozilla.org> writes:
>Imagine if a CA said "we generate a 64-bit serial by getting values from the >CSPRNG repeatedly until the value is one greater than the previously issued >certificate, and use that as the serial number.". Well, something pretty close to that works for Bitcoin (the relation is < rather than >). Come to think of it, you could actually mine cert serial numbers, and then record them in a public blockchain, for auditability of issued certificates. (Note: This is satire. I'm not advocating using blockchain anything for anything other than (a) pump-and-dump digital currency schemes and (b) attracting VC funding). Peter. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy