On 21/08/2017 16:22, Robert Moskowitz wrote:
On 08/21/2017 10:03 AM, Salz, Rich wrote:
If the root is going to be trusted, make its serial number be one. ☺
Otherwise use eight bytes of random as the serial number, if you
follow CABF guidelines.
Kind of where my thinking is going. But once
My proposal.
Keep k bits (k/8 octets) long serial numbers for all your certificates, chose a
block cipher operating on blocks of k bits, and operate this block cipher in
CTR mode, with a proper secret key and secret starting counter. That way, no
collision detection is necessary, you’ll be able
On 08/21/2017 10:03 AM, Salz, Rich wrote:
If the root is going to be trusted, make its serial number be one. ☺
Otherwise use eight bytes of random as the serial number, if you follow CABF
guidelines.
Kind of where my thinking is going. But once I make it '1', it might as
well be 1 byte ran
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
On 08/21/2017 09:36 AM, Salz, Rich wrote:
➢ Thus how large does this random number have
It’s also to protect against predicting serial numbers and being able to
leverage that. It’s not just (nor really mainly) the MD5 digest attacks.
According to CABForum, you need 8 octets. No reason not to use more if you can.
➢ page was talking
On 08/21/2017 09:20 AM, Salz, Rich via openssl-users wrote:
But in doing this, I can't figure out if there is a risk on serial
number size for a root CA cert as there is for any other cert.
I don’t understand what attack you are concerned about, but the size of the
serial number should not matter for *any* certificate.
I have worked out that:
# 19 random bytes: if the top bit is set, DER prepends a 0x00 octet, giving
# 20 content octets, which is exactly the RFC 5280 maximum for serialNumber.
openssl req -config openssl-root.cnf \
    -set_serial 0x$(openssl rand -hex 19) \
    -key private/ca.key.pem \
    -subj "$DN" \
    -new -x509 -days 7300 -sha256 -extensions v3_ca \
    -out certs/ca.cert.pem
allows you to override the serial number select process and thus contro
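The two serial-number strategies discussed in this thread, the random 8+ octet serial that the -set_serial 0x$(openssl rand -hex 19) command above produces and the block-cipher-in-CTR-mode proposal quoted at the top, as an added worked example that is not code from any poster in the thread and not OpenSSL's own. It uses Go's standard library only; AES-128 is assumed as the k = 128 block cipher, the names SerialContentOctets, RandomSerial and CTRSerialGen are this example's own, and the RFC 5280 section 4.1.2.2 limit (positive INTEGER, DER content at most 20 octets) is the check both strategies are run through.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
)

// RFC 5280 section 4.1.2.2: serialNumber is a positive INTEGER whose DER
// content is at most 20 octets. A 20-byte random value with its top bit set
// needs a leading 0x00 in DER and becomes 21 octets; 19 random bytes never can.
const maxSerialOctets = 20

// SerialContentOctets DER-encodes serial as an INTEGER and returns its content
// octets, rejecting values that are not valid X.509 serial numbers.
func SerialContentOctets(serial *big.Int) ([]byte, error) {
	if serial.Sign() <= 0 {
		return nil, errors.New("serial number must be positive")
	}
	der, err := asn1.Marshal(serial)
	if err != nil {
		return nil, err
	}
	var raw asn1.RawValue
	if _, err := asn1.Unmarshal(der, &raw); err != nil {
		return nil, err
	}
	if len(raw.Bytes) > maxSerialOctets {
		return nil, fmt.Errorf("DER content is %d octets, RFC 5280 allows at most %d",
			len(raw.Bytes), maxSerialOctets)
	}
	return raw.Bytes, nil
}

// RandomSerial draws n bytes from the OS CSPRNG, as the CABF rule (at least
// 64 bits of CSPRNG output, more if you can) and "openssl rand -hex 19" do.
func RandomSerial(n int) (*big.Int, error) {
	if n < 8 {
		return nil, errors.New("CABF requires at least 64 bits of CSPRNG output")
	}
	buf := make([]byte, n)
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	serial := new(big.Int).SetBytes(buf)
	if serial.Sign() == 0 { // an all-zero draw is not a valid serial; redraw
		return RandomSerial(n)
	}
	return serial, nil
}

// CTRSerialGen follows the quoted proposal: fixed-width serials produced by a
// block cipher in CTR mode under a secret key and secret starting counter.
// E_K is a permutation, so distinct counters give distinct serials and no
// collision check against already-issued serials is needed. With AES-128,
// k = 128 and a serial is 16 octets (17 in DER when its top bit is set).
type CTRSerialGen struct {
	stream cipher.Stream
}

func NewCTRSerialGen(key, startCounter []byte) (*CTRSerialGen, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(startCounter) != block.BlockSize() {
		return nil, errors.New("starting counter must be exactly one cipher block")
	}
	return &CTRSerialGen{stream: cipher.NewCTR(block, startCounter)}, nil
}

// Next returns E_K(counter) and advances the counter: XORing a zero block
// with the CTR keystream yields the raw encrypted counter block.
func (g *CTRSerialGen) Next() *big.Int {
	for {
		out := make([]byte, aes.BlockSize)
		g.stream.XORKeyStream(out, out)
		if serial := new(big.Int).SetBytes(out); serial.Sign() > 0 {
			return serial
		}
		// exactly one counter value encrypts to the zero block; skip it
	}
}

func main() {
	// In a real CA the key and starting counter are generated once and kept
	// secret next to the CA private key; here they are drawn for the demo.
	key, start := make([]byte, 16), make([]byte, 16)
	for _, b := range [][]byte{key, start} {
		if _, err := rand.Read(b); err != nil {
			panic(err)
		}
	}
	gen, err := NewCTRSerialGen(key, start)
	if err != nil {
		panic(err)
	}
	for i := 0; i < 3; i++ {
		s := gen.Next()
		oct, err := SerialContentOctets(s)
		fmt.Printf("ctr serial %d: 0x%x (%d DER octets, err=%v)\n", i, s, len(oct), err)
	}
	r, _ := RandomSerial(19)
	oct, err := SerialContentOctets(r)
	fmt.Printf("random serial: 0x%x (%d DER octets, err=%v)\n", r, len(oct), err)
}
```

The CTR generator is stateful: the CA must persist the current counter (or the count of issued serials) and never reuse a key and counter pair across two CA instances, or the "no collision detection" property is lost. The random approach has no state to protect, which is why the CABF rule is the simpler one to operate.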