ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Further MD5 breaks: Creating a rogue CA certificate

2008-12-30 18:33:19
from [Russ Housley] [Permanent Link] 



I'm not sure I understand the issue here, but
they don't actually have to be totally randomized. You could use a
PRF so they were predictable to the CA.
That works. This works too: the serial number could be composed of two parts, where the most significant bits are a counter and the least significant bits are randomly generated.
Russ
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [saag] [Cfrg] Further MD5 breaks: Creating a rogue CA certificate, Jeffrey Hutzelman
Next by Date:  RE: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CAcertificate, Santosh Chokhani
Previous by Thread:  Re: [Cfrg] [saag] Further MD5 breaks: Creating a rogue CA certificate, Eric Rescorla
Next by Thread:  Re: Further MD5 breaks: Creating a rogue CA certificate, Timothy J. Miller
Indexes:  [Date] [Thread] [Top] [All Lists]