On 16/12/16 15:18, Gervase Markham wrote:
> Nevertheless, we should update our policy to also use this text, because
> our policy also covers email certificates. We discussed this at the All
> Hands recently and we did not think that there were any compelling
> reasons to provide exemptions to
Currently, the policy says:
"all new end-entity certificates must contain at least 20 bits of
unpredictable random data (preferably in the serial number)."
We should require the random data to be in the serial number, and also
update the number of bits required.
BRs 1.3.7 and later say:
2 matches
Mail list logo