Serial number entropy - Githubissues

thomas-fossati / draft-tls13-iot

Other

0 stars 1 forks source link

Closed hannestschofenig closed 9 months ago

hannestschofenig commented 1 year ago

CAs MUST generate non-sequential serial numbers greater than zero (0) up to 20 octects from a cryptographically secure

Thomas: we should keep some form of lower bound on SN entropy here.

hannestschofenig commented 9 months ago

EAT suggests to use 6-32 bytes for the ueid