Re: More on cert serialnumbers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

And RFC 5280, which is still the standard, says serial# must be <= 20 bytes.  Which means, you want to make sure the high bit is off, else the DER encoding will make it 21 bytes.

So the new –rand_serial flag I am adding to the CA command will make call RAND_bytes to get 18 bytes.


On 8/17/17, 10:45 AM, "Salz, Rich via openssl-users" <openssl-users@xxxxxxxxxxx> wrote:

    https://cabforum.org/2016/07/08/ballot-164/
    
    
    -- 
    openssl-users mailing list
    To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
    

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux