On Mon, Mar 11, 2019 at 12:18 PM Buschart, Rufus via dev-security-policy < [email protected]> wrote:
> > I really like reading this discussion about 64 vs. 63 bits and how to read > the BRGs as it shows a lot of passion by all of us in the PKI community. > Never the less, in the discussion, I miss one interesting aspect. The BRGs > not only speak about 64 bits as output from a CSPRNG but also about serial > numbers being "non-sequential". But nowhere the BRGs define the exact > meaning of "non-sequential". I always read this as serial numbers being > totally random, but I know there is at least one CA out there that > constructs its serial numbers like this > I'm glad someone else asked, as no one has enjoyed the question in the form that I presented it. But I suggest that if "non-sequential" is taken to mean a guarantee that no two serial numbers shall be numerically adjacent integer values, then I submit that any serial numbers which only contain what was previously considered to be 64-bits of entropy and no other data save, perhaps a leading 0x00 byte if necessary to prevent high-order bit being 1, then the effective entropy must be considered less because two adjacent values are effectively blocked by any prior chosen value. But, maybe "non-sequential" doesn't mean that. It's a pity a concept like that isn't clearly objective. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
