[16301] in cryptography@c2.net mail archive
Re: Certificate serial number generation algorithms
daemon@ATHENA.MIT.EDU (Richard Levitte - VMS Whacker)
Mon Oct 11 17:59:35 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Mon, 11 Oct 2004 18:28:59 +0200 (CEST)
To: ekr@rtfm.com
Cc: cryptography@metzdowd.com
From: Richard Levitte - VMS Whacker <levitte@stacken.kth.se>
In-Reply-To: <20041011013122.73C4B7185@sierra.rtfm.com>
In message <20041011013122.73C4B7185@sierra.rtfm.com> on Sun, 10 Oct 2004 18:16:21 -0700, Eric Rescorla <ekr@rtfm.com> said:
ekr> Does anyone know the details of the certificate generation
ekr> algorithms used by various CAs?
Variants I've heard of are:
- A simple counter starting at 0 (well, actually, I know this one, as
that's what OpenSSL does :-))
- A simple counter starting with a random value (OpenSSL has an
option for this).
- A time-based value (I don't recall who did that)
- A hash of some sort (I believe Verisign does that, among others)
-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.
--
Richard Levitte \ Tunnlandsvägen 52 \ LeViMS@stacken.kth.se
Redakteur@Stacken \ S-168 36 BROMMA \ T: +46-708-26 53 44
\ SWEDEN \
Procurator Odiosus Ex Infernis -- poei@bofh.se
Member of the OpenSSL development team: http://www.openssl.org/
-----------------------------------------------------------------
A: Because it fouls the order in which people normally read text.
Q: Why is top-posting such a bad thing?
A: Top-posting.
Q: What is the most annoying thing on usenet and in e-mail?
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
