CAs Reissue Over One Million Weak Certificates

2019-03-18 11:23

Turns out that the software a bunch of CAs used to generate public-key certificates was flawed: they created random serial numbers with only 63 bits instead of the required 64. That may not seem like a big deal to the layman, but that one bit change means that the serial numbers only have half the required entropy. This really isn't...

News URL

https://www.schneier.com/blog/archives/2019/03/cas_reissue_ove.html

#certificate