Openpgp card serial numbers
wk at gnupg.org
Tue Jul 17 15:06:21 CEST 2007
On Mon, 16 Jul 2007 11:50, ged at solace.miun.se said:
> The specification for Openpgp card states that the serial number
> (+ manufacturers ID) must be globally unique. I wonder if this is truly
> needed or if "unique enough" would be ok.
I have assigned the unmanaged S/N range:
FF00..FFFE - Range reserved for randomly assigned serial numbers.
Serialnumbers with manufacturer ID in this range are an
exception to the rule that they should be unique. It is
expected that such a serialnumber is assigned using a true
random function which generates 5 bytes (4 for the actual
serial number and one to select a manufacturer ID out of this
range). Note, that the 0xffff is not part of this range.
Implementers using serial numbers as a unique ID should keep in
mind that duplicates may happen. Using the of manufacturer IDs
out of this range should only be done if no other way of
obtaining a manufacturer ID is possible.
I hope this satisfies your need. As written, it is an expection and
should be avoided. In particular, if you target one specific card type
it might be possible to use its native S/N and map it to a a proper
serial number. We can then ask for a manufacturer ID to be used with
this card and application.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 204 bytes
Desc: not available
Url : /pipermail/attachments/20070717/5c7b4e5d/attachment.pgp
More information about the Gnupg-users