Re: Using set_serial to control serial number size directly

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 08/21/2017 10:03 AM, Salz, Rich wrote:
If the root is going to be trusted, make its serial number be one. ☺
Otherwise use eight bytes of random as the serial number, if you follow CABF guidelines.

Kind of where my thinking is going. But once I make it '1', it might as well be 1 byte rand! :)

Well 1 - 127 random...

But no need to make it 20 octets. Just leave it at 8. And yes, I can see some jump on the 'save' 7 bytes bandwagon. Also why I have to work out BER to compare that sizing to DER. Trying to do that today.

Bob

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux