On 08/17/2017 10:49 AM, Karl Denninger wrote:
On 8/17/2017 09:40, Robert Moskowitz wrote:
I have been researching serial number in cert based on Jakob's comment:
"- Serial numbers are *exactly* 20 bytes (153 to 159 bits) both as
standalone
numbers and as DER-encoded numbers. Note that this is not the
default in
the openssl ca program.
- Serial numbers contain cryptographically strong random bits,
currently at
least 64 random bits, though it is best if the entire serial number
looks
random from the outside. This is not implemented by the openssl ca
program."
And this is supposedly from the CA/B BF?
Though Erwann responded:
"There’s no such requirement. It MUST be at most 20 octets long"
I see how for all certs other than the root (get to that later), I
can control this with:
openssl rand -hex 20 > serial
then use 'openssl ca ...'
But from Kyle's comment, the first bit must be ZERO.
So since the 20 octets is a maximum and not a requirement use -hex 19
instead, and if this results in DER placing a leading 0x00 byte you're
still ok. This also complies with the ballot that Rich mentioned
since you have more entropy than required.
At least I think that meets the requirements....
And 19 is more than 18! And the first time I tried this I got:
a2b7499f19b3b7b4a54ccd2036d59a4a906756
And the 2nd time I tried with 20:
f7f01d018605411c8788a82e465d7991d574b08f
So that first bit can really be a problem. Probably about 1/2 the time! :)
Bob
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
