<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<br>
<br>
<div class="moz-cite-prefix">On 8/17/2017 09:40, Robert Moskowitz
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:0e3970f1-8b7d-0d72-9adf-fa6bad16bdf7@htt-consult.com">I
have been researching serial number in cert based on Jakob's
comment:
<br>
<br>
"- Serial numbers are *exactly* 20 bytes (153 to 159 bits) both as
standalone
<br>
numbers and as DER-encoded numbers. Note that this is not the
default in
<br>
the openssl ca program.
<br>
<br>
- Serial numbers contain cryptographically strong random bits,
currently at
<br>
least 64 random bits, though it is best if the entire serial
number looks
<br>
random from the outside. This is not implemented by the openssl
ca program."
<br>
<br>
And this is supposedly from the CA/B BF?
<br>
<br>
Though Erwann responded:
<br>
<br>
"There’s no such requirement. It MUST be at most 20 octets long"
<br>
<br>
I see how for all certs other than the root (get to that later), I
can control this with:
<br>
<br>
openssl rand -hex 20 > serial
<br>
<br>
then use 'openssl ca ...'
<br>
<br>
But from Kyle's comment, the first bit must be ZERO.
<br>
</blockquote>
So since the 20 octets is a maximum and not a requirement use -hex
19 instead, and if this results in DER placing a leading 0x00 byte
you're still ok. This also complies with the ballot that Rich
mentioned since you have more entropy than required.<br>
<br>
At least I think that meets the requirements....<br>
<br>
<div class="moz-signature">-- <br>
Karl Denninger<br>
<a href="mailto:karl@denninger.net">karl@denninger.net</a><br>
<i>The Market Ticker</i><br>
<font size="-2"><i>[S/MIME encrypted email preferred]</i></font>
</div>
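The point Karl makes, that a 19-byte random serial always fits RFC 5280's 20-octet limit even when DER prepends a 0x00, while a 20-byte random value does not whenever its top bit is set, as an added example (not code from the thread or from OpenSSL). The function names are hypothetical; the only assumption about OpenSSL is the one the thread already states, that the `serial` file holds the number as hex text, which is what `openssl rand -hex` writes.

```python
# Added example, not code from the thread. It models the serial-number rule
# discussed above: RFC 5280 requires serialNumber to be a positive INTEGER of
# at most 20 DER content octets. A 20-byte random value with its top bit set
# gets a leading 0x00 in DER and becomes 21 octets; a 19-byte random value
# always fits, even after DER adds the 0x00.
import secrets

MAX_SERIAL_OCTETS = 20   # RFC 5280 4.1.2.2: serialNumber content at most 20 octets


def der_integer_content(value: int) -> bytes:
    """Content octets of a DER INTEGER for a positive value.

    DER INTEGERs are two's complement, so when the most significant byte has
    its top bit set a 0x00 byte is prepended to keep the value positive.
    """
    if value <= 0:
        raise ValueError("certificate serial numbers must be positive")
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    if raw[0] & 0x80:
        raw = b"\x00" + raw
    return raw


def serial_is_compliant(value: int) -> bool:
    """True if value is positive and its DER content is at most 20 octets."""
    try:
        return len(der_integer_content(value)) <= MAX_SERIAL_OCTETS
    except ValueError:
        return False


def random_serial(nbytes: int = 19) -> int:
    """Draw nbytes of CSPRNG output as a serial, like `openssl rand -hex nbytes`.

    Zero is rejected because a serial number must be positive.
    """
    while True:
        value = int.from_bytes(secrets.token_bytes(nbytes), "big")
        if value:
            return value


def serial_file_text(value: int) -> str:
    """Hex text for the `serial` file read by `openssl ca` (even digit count,
    the same shape `openssl rand -hex` writes)."""
    digits = f"{value:x}"
    if len(digits) % 2:
        digits = "0" + digits
    return digits + "\n"


def compliance_rate(nbytes: int, trials: int = 2000) -> float:
    """Fraction of random nbytes-long serials whose DER form fits 20 octets."""
    ok = sum(serial_is_compliant(random_serial(nbytes)) for _ in range(trials))
    return ok / trials


if __name__ == "__main__":
    # Constructed demonstration: 19-byte serials are always compliant,
    # 20-byte serials fail roughly half the time (whenever bit 159 is set).
    for n in (19, 20):
        print(f"{n}-byte random serials compliant: {compliance_rate(n):.0%}")
    print("example serial file:", serial_file_text(random_serial(19)), end="")
```

Running it prints a 100% rate for 19-byte serials and about 50% for 20-byte ones, which is the whole reason to prefer `-hex 19`: 152 random bits is still well above the 64 bits of entropy the quoted requirement asks for, and the DER encoding can never exceed 20 octets.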
</body>
</html>