On December 29, 2017 at 12:27:35 PM, David E. Ross via dev-security-policy ( dev-security-policy@lists.mozilla.org) wrote:
On 12/28/2017 10:33 PM, Peter Bowen wrote:
> On Thu, Dec 28, 2017 at 10:24 PM, Jakob Bohm via dev-security-policy
> <dev-security-policy@lists.mozilla.org> wrote:
>> After looking at some real certificates both in the browser and on crt.sh, I
>> have some followup questions on certificate serial numbers:
>>
>> 4. If the answers are yes, no, yes, why doesn't cablint flag
>> certificates with serial numbers of less than or equal to 64 bits as
>> non-compliant?
>
> I can answer #4 -- your trusty cablint maintainer has fallen behind
> and hasn't added lints for recent ballots.
>

I know this would require changing not only software but also the format of certificates. However, why not use UUID version 1? UUIDs (Universally Unique IDentifiers) require no central registry. UUIDs are specified in RFC 4122.

Modern X509 uses serial number as both a source of randomness and a unique identifier. Unfortunately, trying to solve for uniqueness doesn't absolve you from needing quality randomness. The reason for the "at least 64-bits of random" requirement is to add entropy to the tbsCertificate structure to make hash collision attacks more difficult. UUIDv1 is (almost) entirely predictable and thus not suitable for this. And if you have a good random source you might as well just generate a long random serial which has a vanishingly small probability of collision.

From <https://www.uuidgenerator.net/>:
> A Version 1 UUID is a universally unique identifier that is generated
> using a timestamp and the MAC address of the computer on which it was
> generated.

MAC addresses are supposed to be unique for each device. Continuously varying time means that time-stamps are unique to the device, not rolling over until around the year 3400. Yes, it is possible that the manufacturer of a device -- especially now with so many IoT devices being developed -- might reuse a MAC address.
This problem can be overcome if certification authorities are required to obtain confirmation from their hardware suppliers that the MAC addresses in their devices are indeed unique.

--
David E. Ross
<http://www.rossde.com/>

President Trump: Please stop using Twitter. We need to hear your voice and see you talking. We need to know when your message is really your own and not your attorney's.
_______________________________________________
dev-security-policy mailing list
dev-security-policy@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security-policy
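
The predictability argument in the reply above, as an added example that is not part of the original thread: a version 1 UUID hands back its timestamp and MAC address and changes by almost nothing between issuances, while a serial drawn from the OS CSPRNG carries the entropy the "at least 64 bits" rule asks for. The function names, the sample MAC address and the sample time are constructed for illustration; the 20-octet bound is the RFC 5280 serial number limit.

```python
import secrets
import uuid
from datetime import datetime, timedelta, timezone

GREGORIAN_EPOCH = datetime(1582, 10, 15, tzinfo=timezone.utc)  # RFC 4122 time base

def make_uuid1(ticks: int, clock_seq: int, node: int) -> uuid.UUID:
    """Assemble a v1 UUID from chosen fields (builds the constructed samples)."""
    return uuid.UUID(fields=(
        ticks & 0xFFFFFFFF,                    # time_low
        (ticks >> 32) & 0xFFFF,                # time_mid
        ((ticks >> 48) & 0x0FFF) | 0x1000,     # time_hi + version 1
        ((clock_seq >> 8) & 0x3F) | 0x80,      # clock_seq_hi + RFC 4122 variant
        clock_seq & 0xFF,                      # clock_seq_low
        node))                                 # 48-bit MAC address

def uuid1_fields(u: uuid.UUID) -> dict:
    """Recover issuance time, clock sequence and MAC from a v1 UUID."""
    if u.version != 1:
        raise ValueError("not a version 1 UUID")
    issued = GREGORIAN_EPOCH + timedelta(microseconds=u.time // 10)
    return {"issued": issued, "clock_seq": u.clock_seq, "node": u.node}

def differing_bits(a: uuid.UUID, b: uuid.UUID) -> int:
    """Number of bit positions in which two identifiers differ."""
    return bin(a.int ^ b.int).count("1")

def random_serial(nbytes: int = 16) -> int:
    """Positive serial from the OS CSPRNG; 8..19 bytes keeps DER within 20 octets."""
    if not 8 <= nbytes <= 19:
        raise ValueError("nbytes must be between 8 and 19")
    while True:
        serial = secrets.randbits(nbytes * 8)
        if serial > 0:
            return serial

def serial_too_short(serial: int) -> bool:
    """Size check from question 4: flag serials of 64 bits or fewer."""
    return serial.bit_length() <= 64

# Constructed sample: one issuer (made-up MAC), two UUIDs one 100 ns tick apart.
SAMPLE_TIME = datetime(2017, 12, 29, 12, 0, tzinfo=timezone.utc)
TICKS = int((SAMPLE_TIME - GREGORIAN_EPOCH).total_seconds()) * 10_000_000
FIRST = make_uuid1(TICKS, 0x1234, 0x0242AC110002)
SECOND = make_uuid1(TICKS + 1, 0x1234, 0x0242AC110002)

if __name__ == "__main__":
    print(uuid1_fields(FIRST))                      # time and MAC read straight back
    print("bits changed:", differing_bits(FIRST, SECOND))
    print(hex(random_serial()), serial_too_short(FIRST.int))
```

A v1 UUID is 128 bits long, so the size check alone accepts it: a length lint can catch serials that are too short, but it cannot show that the bits are random.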