Re: [OpenCA-Devel] CA Certificate serial number.

Martin Bartosch Mon, 04 Apr 2005 07:25:30 -0700

Hi,

>> - use a VARCHAR() of at least 20 digit length for storing the
>>   serial number
>
> How about 49 or 48 characters? We don't need varchar if we only support
> 20 numbers.


VARCHAR instead of CHAR also allows for shorter and easier to
read/process serials, e. g. '105' instead of
'                       105'.

>> - store the cert serial as hexadecimal number in this VARCHAR
>
> Why should we use a hexadecimal representation? It costs a lot of work
> to always use decimal numbers at all places in OpenCA.

(Just intuitively:)
Hex is more compact and cert serials are often displayed as hex
strings (OpenSSL...). On the other hand if decimal is more practical
within the code, let's use decimal. I don't think this is an important
decision, it just has to be consisten... :-)

>> - introduce a new NOTBEFORE column for the certificate table
>>   (we need this for rollover handling anyway)
>
> DONE.
>
>> - change sorting semantics for display: do not sort on serial
>>   numbers anymore, but rather on the NOTBEFORE date
>
> DONE.

Great!

cheers

Martin



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_ide95&alloc_id396&op=click
_______________________________________________
OpenCA-Devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-devel

Re: [OpenCA-Devel] CA Certificate serial number.

Reply via email to