Re: [OpenCA-Devel] CA Certificate serial number.

Martin Bartosch Sat, 26 Mar 2005 05:45:14 -0800

Hi,

> Do we really need serial numbers of 20 octets? On the other hand, I
> still remember Billy saying: "640KB is plenty of RAM and we won't ever
> need more than that" :)


I'd say yes, because it makes OpenCA standard compliant. In addition,
"concealed" serial numbers (see RFE 1012849) would make preimage attacks
on certificate generation (SHA1 problem...) very difficult if not
impossible.

Happy easter to all,

Martin





-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
OpenCA-Devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-devel

Re: [OpenCA-Devel] CA Certificate serial number.

Reply via email to