aboutsummaryrefslogtreecommitdiffstats
path: root/src/cert
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-11-29 15:34:22 +0000
committerlloyd <[email protected]>2010-11-29 15:34:22 +0000
commit45ab4c7ba638109610c00b15e4c7e7b4489e359c (patch)
tree3993fab359246631d8ef65a8843e17fd69a65a22 /src/cert
parent16ca4e119d5beefcfaf92a3ce05b063997a782ce (diff)
Make the random serial numbers 256 bits to ensure they will never
collide. One might, theoretically, generate 2^64 certificates with a single CA (say, for each particle in a planet wide cloud of smart dust), but 2^128 does not seem possible.
Diffstat (limited to 'src/cert')
-rw-r--r--src/cert/x509ca/x509_ca.cpp2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/cert/x509ca/x509_ca.cpp b/src/cert/x509ca/x509_ca.cpp
index 4c4e62baa..57307d67e 100644
--- a/src/cert/x509ca/x509_ca.cpp
+++ b/src/cert/x509ca/x509_ca.cpp
@@ -98,7 +98,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
const Extensions& extensions)
{
const u32bit X509_CERT_VERSION = 3;
- const size_t SERIAL_BITS = 128;
+ const size_t SERIAL_BITS = 256;
BigInt serial_no(rng, SERIAL_BITS);