It is from something I read once. Now, I think it might have been in a different context than PKI. It also is probably related to collisions in older hashing algorithms. When I search I only get results about restricting passwords from brute force attacks so I am either mistaken or my Google ability is off today. Thanks, -----Original Message----- From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> On Behalf Of Michael Wojcik via openssl-users Sent: Thursday, June 1, 2023 9:06 AM To: openssl-users@xxxxxxxxxxx Subject: RE: Can create a cert with no serial number? > From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> On Behalf Of > Job Cacka > Sent: Thursday, 1 June, 2023 09:01 > Intentionally repeating characters in a hash is a great way to provide the hash to be broken. "great" here is a rather bold claim. If repeating a few characters in the Subject DN makes any appreciable difference in the work factor for a second-preimage attack on your certificate signatures, you have much bigger problems. > As I recall there is something about repeating a character more than 3 > times consecutively that decreases the effectiveness of the hash. Citation needed. -- Michael Wojcik
