[openssl-users] Using set_serial to control serial number size directly

Robert Moskowitz rgm at htt-consult.com
Mon Aug 21 13:44:36 UTC 2017

On 08/21/2017 09:36 AM, Salz, Rich wrote:
> ➢ Thus how large does this random number have
> It’s also to protect against predicting serial numbers and being able to leverage that.  It’s not just (nor really mainly) the MD5 digest attacks.  According to CABForum, you need 8 octets.  No reason not to use more if you can.

Sure there is.  On constrained systems with constrained communication 
links.  Every byte counts.  My real thrust on this is for IoT.  To get 
IoT developers to build around certs and know their products work with 
them instead of, well we will get to it eventually.

When I work with 802.15.4 communications with a 128 byte MTU, there is 
considerable debate over every byte sent.  When you tell an IoT chip 
maker that they have to go from 32KB memory to 100MB, they walk out of 
the room.

Oh, I want DOTS and I2NSF developers to be working with certs from the 
get go, instead waiting for deployments and getting 'production' certs 
and THEN discovering what works and what does not.  But IoT is in many 
ways more of a challenge.

So yes, size matters.

> ➢ page was talking about in conjunction with the -CA option. With 'openssl
>      ca' use of the serial file is mandatory according to the man page.
>      There are no command line options for it.
> Fixed in master and will be part of the next releases; the –rand_serial flag.

More information about the openssl-users mailing list