On Tue, Mar 12, 2019 at 12:07 PM Mike Kushner via dev-security-policy <
[email protected]> wrote:

> Unless you're going under the presumption that the MSB doesn't count as a
> part of the serial number (and I've never seen an RFC or requirement
> pointing to that being the case), EJBCA does not produce 63-bit serial
> numbers.
>

As this has come up in discussion in the past [1], particularly as called
out by Peter Bowen [2], there's been some ambiguity as to whether limits on
the maximum size of serial numbers apply to the encoded form or the
unencoded form. This came up as well during the Ballot 164 discussion [3].

I highlight this, because I think your response is absolutely consistent
with the past discussion - namely, that treating the sign-bit as part of
the serial number is consistent. By treating the sign-bit as part of the
length, even though it is conceptually an encoding issue of DER/BER, as
opposed to fundamental to the ASN.1 version, this naturally leads to a
conclusion that there are 159 bits available for the CA to control, since
the most significant bit, the sign bit, MUST be 0.

The confusion, however, that I think is being highlighted here, is whether
the setting is perceived as a configuration of the 'output' serial number
(in which case, you're guaranteeing 8 octets) or the 'CA-controlled' serial
number (in which case, only 63 bits are being contributed by the CA). The
interpretation that EJBCA is applying - in which the configuration
specifies the hard upper bound of the encoded serial - is a very reasonable
configuration, given the implications to the 20 octet maximum captured in
RFC 5280, thus avoiding the issues in [1], although introducing the issues
in [3].

[1] https://groups.google.com/d/msg/mozilla.dev.security.policy/b33_4CyJbWI/74sItqcvBgAJ
[2] https://groups.google.com/d/msg/mozilla.dev.security.policy/b33_4CyJbWI/96ENFxrGBgAJ
[3] https://cabforum.org/pipermail/public/2016-April/007245.html
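The two readings of the serial-number setting discussed above, worked through in code: this is an added example, not code from the thread or from EJBCA, and the constant and function names are my own; it assumes only RFC 5280's 20-octet limit and Ballot 164's 64-bit CSPRNG requirement.

```python
import os

MAX_SERIAL_OCTETS = 20   # RFC 5280 4.1.2.2: encoded serial MUST NOT exceed 20 octets
MIN_RANDOM_BITS = 64     # CA/Browser Forum Ballot 164: at least 64 bits of CSPRNG output

def der_encode_serial(value: int) -> bytes:
    """Content octets of a DER INTEGER for a positive serial. DER is two's
    complement, so a value whose top bit is 1 gets a leading 0x00 octet: that
    sign bit is why a 64-bit random value encodes to 9 octets about half the time."""
    if value <= 0:
        raise ValueError("serial numbers MUST be positive (RFC 5280 4.1.2.2)")
    return value.to_bytes((value.bit_length() + 8) // 8, "big")

def ca_controlled_bits(encoded: bytes) -> int:
    """Bits a CA could have chosen: 8 per octet minus the sign bit, which must be 0."""
    return len(encoded) * 8 - 1

def check_serial(encoded: bytes) -> list:
    """Defensive lint of an encoded serial, e.g. one pulled from a certificate."""
    problems = []
    if not encoded or encoded[0] & 0x80:
        problems.append("not a positive INTEGER")
    elif len(encoded) > 1 and encoded[0] == 0x00 and not encoded[1] & 0x80:
        problems.append("non-minimal DER (redundant leading 0x00)")
    if len(encoded) > MAX_SERIAL_OCTETS:
        problems.append("longer than %d octets" % MAX_SERIAL_OCTETS)
    if ca_controlled_bits(encoded) < MIN_RANDOM_BITS:
        problems.append("%d-octet serial has only %d CA-controlled bits, too few for %d bits of CSPRNG output"
                        % (len(encoded), ca_controlled_bits(encoded), MIN_RANDOM_BITS))
    return problems

def serial_from_random_value(nbits: int, rand: bytes) -> int:
    """'CA-controlled' reading: nbits of CSPRNG output are the value itself and
    the DER encoding grows by an octet whenever the top bit is set."""
    value = int.from_bytes(rand, "big") & ((1 << nbits) - 1)
    return value or 1   # constructed demo shortcut: a real CA would redraw on zero

def serial_from_fixed_encoding(noctets: int, rand: bytes) -> int:
    """'Output length' reading (what the thread describes for EJBCA): the encoded
    serial is exactly noctets, so the first octet's top bit is forced to 0 and
    only noctets*8 - 1 bits come from the CSPRNG."""
    value = int.from_bytes(rand[:noctets], "big") & ((1 << (noctets * 8 - 1)) - 1)
    return value or 1

if __name__ == "__main__":
    rand = os.urandom(8)
    for s in (serial_from_random_value(64, rand), serial_from_fixed_encoding(8, rand)):
        enc = der_encode_serial(s)
        print(len(enc), "octets,", ca_controlled_bits(enc), "CA-controlled bits", check_serial(enc))
```

Run against a batch of issued certificates, `check_serial` flags every 8-octet serial as one that cannot have carried 64 bits of CSPRNG output, which is exactly the discrepancy between the two readings.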