<div dir="ltr">Ben:<div><br></div><div>Are you sure your math is correct? A serial number is 20 bytes, with the high bit needing to be 1 (for the encoding of positive INTEGERS within DER). This leaves 159 bits for entropy. So you certainly can't have more unpredictable bits than that :)</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Apr 14, 2016 at 12:59 PM, Ben Wilson <span dir="ltr"><<a href="mailto:ben.wilson@digicert.com" target="_blank">ben.wilson@digicert.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div bgcolor="white" lang="EN-US" link="#0563C1" vlink="#954F72"><div><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Man,<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Have you had a chance to do further research on the capabilities of your system? Our CA issues certificates with 32 hexadecimal characters for the serial number. There are 4 bits of entropy for each hexadecimal character. Therefore, our serial numbers have 128 bits of entropy and 16*32= 512 unpredictable bits. An 8-hexadecimal character serial number would have 32 bits of entropy and 128 unpredictable bits. A 20-bit entropy would be equal to 5 hexadecimal characters, or 80 unpredictable bits, so this seems like this is a downgrade to go to 64 unpredictable bits. Am I right?<u></u><u></u></span></p><p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">Ben<u></u><u></u></span></p><p class="MsoNormal"><a name="m_216582708830614260__MailEndCompose"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"><u></u> <u></u></span></a></p><span></span><div><div style="border:none;border-top:solid #e1e1e1 1.0pt;padding:3.0pt 0in 0in 0in"><p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:windowtext"> Man Ho (Certizen) [mailto:<a href="mailto:manho@certizen.com" target="_blank">manho@certizen.com</a>] <br><b>Sent:</b> Wednesday, March 23, 2016 12:27 AM<br><b>To:</b> Ben Wilson <<a href="mailto:ben.wilson@digicert.com" target="_blank">ben.wilson@digicert.com</a>>; <a href="mailto:public@cabforum.org" target="_blank">public@cabforum.org</a><span class=""><br><b>Subject:</b> Re: [cabfpub] Pre-Ballot 164 - Certificate Serial Number Entropy<u></u><u></u></span></span></p></div></div><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal" style="margin-bottom:12.0pt">Hi all,<br><br>Is the meaning of "at least 64 unpredictable bits" setting the same or a higher requirement than "at least 20 bits of entropy" ? I'm not quite sure whether our certificate generation software has this setting in itself.<br><br>Cheers<br>Man<u></u><u></u></p><span class=""><div><p class="MsoNormal">On 3/1/2016 12:21 AM, Ben Wilson wrote:<u></u><u></u></p></div><blockquote style="margin-top:5.0pt;margin-bottom:5.0pt"><p>REPLACE <u></u><u></u></p><p>"CAs SHOULD generate non-sequential Certificate serial numbers that exhibit at least 20 bits of entropy" <u></u><u></u></p><p>WITH <u></u><u></u></p><p>"Effective April 1, 2016, CAs SHALL use a Certificate serialNumber greater than zero (0) that contains at least 64 unpredictable bits." <u></u><u></u></p></blockquote><p class="MsoNormal"><u></u> <u></u></p></span></div></div><br>_______________________________________________<br>
Public mailing list<br>
<a href="mailto:Public@cabforum.org">Public@cabforum.org</a><br>
<a href="https://cabforum.org/mailman/listinfo/public" rel="noreferrer" target="_blank">https://cabforum.org/mailman/listinfo/public</a><br>
<br></blockquote></div><br></div>