Hi David, the RANDOM_SERIAL_SIZE is the size of the random number. For example, with a value of 10, an 80 bit random number is generated. The following serial number is an example:
C6E41F6D8A195E384B0F
which has enough entropy for many users :D I had to modify several parts of the
code
to support the new serial numbers (as, for example, perl was not able to deal
with
them directly - we are now using the Bit::Vector module - I also modified part
of the
OpenCA::OpenSSL code to support the new $obj->getParsed()->{HEX_SERIAL}).
The problem in going up too much with the number of bits is support for large
numbers
in DBs. MySQL is not that great from this point of view, and we need to stay
under
60 digits in decimal numbers. PostgreSQL does not have this limitation (AFAIK),
and
so other DBs.
I have not been able to test the different backends.. it would be nice to have a
more serious test lab.. any of you has the possibility to provide a testbed
environment
for the new release ?
Cheers,
Max
On 02/08/2010 05:22 PM, David O'Callaghan wrote:
Hi Max, Could you confirm what the "RANDOM_SERIAL_SIZE" means, and if the new version will allow 64-bit serial numbers? Thanks, David On 08/02/2010 20:53, Dinschel, Duane wrote:That's great news. We have enough lead time that waiting for the new version should be fine. Thank you, Duane
smime.p7s
Description: S/MIME Cryptographic Signature
------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com
_______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
