xxx-draft-spec-for-TLS-normalization.txt

Chris Palmer chris at eff.org
Thu Feb 3 18:32:49 UTC 2011


On Feb 2, 2011, at 9:18 AM, Jacob Appelbaum wrote:

> That's likely because some CAs but not all CAs will insert random data
> into the serial number field as a method of injecting entropy into
> issued certificates. Can you dump the CA names with those?

No, almost all the valid_certs are like this, so it would be a huge list. Also, even if the CA just hashes a timestamp, it will "look" random in my query results.


-- 
Chris Palmer
Technology Director, Electronic Frontier Foundation



More information about the tor-dev mailing list