Project

General

Profile

Actions
Copy link

Feature #9883

closed

Allow CAs to use randomized serials when signing

Added by Jim Pingle about 5 years ago. Updated about 5 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Jim Pingle
Category:
Certificates
Target version:
2.5.0
Start date:
11/04/2019
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:

Description

Various guidelines suggest using randomized serial numbers when signing certificates, rather than using sequential numbers.

Add an option to CA entries (off by default) which will allow them to generate random serial numbers when signing for extra security.

The generated numbers must be tested against all known serials for a given CA to avoid accidentally duplicating a serial.

Actions
Copy link

Also available in: Atom PDF