[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: xxx-draft-spec-for-TLS-normalization.txt



On Feb 2, 2011, at 9:18 AM, Jacob Appelbaum wrote:

> That's likely because some CAs but not all CAs will insert random data
> into the serial number field as a method of injecting entropy into
> issued certificates. Can you dump the CA names with those?

No, almost all the valid_certs are like this, so it would be a huge list. Also, even if the CA just hashes a timestamp, it will "look" random in my query results.


-- 
Chris Palmer
Technology Director, Electronic Frontier Foundation