java - Serial Number of a X.509 Certificate -

-

i programming certification authority in java uni class, don't know what's best option serial number of certificate.

  • simple static counter 0 verybignumber
  • some huge bigint random number

is there reason choosing 1 on other... or none of them??

thanks,

i recommend use random number, keep list of issued serial numbers in database. allow 2 things.

  1. you never reissue same serial number.
  2. you can tell certificate's serial number if remotely valid.

of course #1 requires check against known list on generation , generate new random number if collision occurs, , #2 isn't of in terms of security or validation interesting prospect never-the-less.


Comments

Post a Comment

Popular posts from this blog

ruby - When to use an ORM (Sequel, Datamapper, AR, etc.) vs. pure SQL for querying -

-
a colleague of mine designing sql queries 1 below produce reports, displayed in excel files through external data query. @ present, reporting processes on db required (no crud operations). i trying convince him better use ruby orm in order able display data in rails/sinatra app. despite obvious advantages in displaying data, advantages there him in learning use orm sequel or datamapper? the sql queries writing quite complex, , being relatively new sql, complains time-consuming , confusing. possible write extremely complex queries orm? , if so, suitable(i have heard sequel legacy dbs)? , advantages of learning ruby , using orm versus sticking plain sql, in making complex database queries? i'm datamapper maintainer, , think complex reporting should use sql. while think someday we'll have dsl provides power , conciseness of sql, i've seen far requires write more ruby code sql complex queries. rather maintain 5 line sql query 10-15 lines of ruby code desc...
Read more

php - PHPDoc: @return void necessary? -

-
is necessary this: /** * ... * * @return void */ i have quite few methods don't have return value, , seems redundant put in comment. considered bad form leave out? if makes clear documentation, leave in, isn't strictly necessary. it's entirely subjective decision. personally, leave out. edit stand corrected. after little googling, wikipedia page says: @return [type description] tag should not used constructors or methods defined void return type. the phpdoc.org website says: @return datatype description @return datatype1|datatype2 description the @return tag used document return value of functions or methods. @returns alias @return support tag formats of other automatic documentors the datatype should valid php type (int, string, bool, etc), class name type of object returned, or "mixed". if want explicitly show multiple possible return types, list them pipe-delimited without spaces (e.g. "@retur...
Read more

c++ - Convert big endian to little endian when reading from a binary file -

-
this question has answer here: how convert between big-endian , little-endian values in c++? 28 answers i've been looking around how convert big-endian little-endians. didn't find solve problem. seem there's many way can conversion. anyway following code works ok in big-endian system. how should write conversion function work on little-endian system well? this homework, since systems @ school running big-endian system. it's got curious , wanted make work on home computer also #include <iostream> #include <fstream> using namespace std; int main() { ifstream file; file.open("file.bin", ios::in | ios::binary); if(!file) cerr << "not able read" << endl; else { cout << "opened" << endl; int i_var; double d_var; while(!file.eof()) {...
Read more