Certificate serial number generation algorithms

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Oct 11 12:34:38 EDT 2004

Eric Rescorla <ekr at rtfm.com> writes:

>In particular, Verisign's is very long and I seem to remember someone telling
>me it was a hach but I don't recall the details...

It's just a SHA-1 hash.  Many CAs use this to make traffic analysis of how
many (or few) certificates they're issuing impossible.  An additional
motivation for use by Verisign was to avoid certs with low serial numbers
having special significance.  While there are a few CA's that follow the
monotonically-increasing-integers scheme that certs were originally intended
to have (and all manner of other weirdness, 32-bit integer IDs of unknown
origin seem to be popular in the "other" category), most seem to use a binary
blob of varying length.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list