2024-01-02: Site is back on track, self-hosted on a rpi because you get the Internet you fund.
2025-02-06: Oh well, some power grid issues caused the rpi to reboot, I really should configure uwsgi to restart automatically --'
β back
6437d442-6fb5-49ba-bbdb-19c260652098
Seen in rfc6487
6437d442-6fb5-49ba-bbdb-19c260652098
Seen in rfc6487
| Version | 4 |
| Variant | specified in RFC 4122 |
| urn | urn:uuid:6437d442-6fb5-49ba-bbdb-19c260652098 |
| Hexdump | 6437d4426fb549babbdb19c260652098 |
| Bytes | d7βBoβ‘Iβββββ¬`e ΓΏ |
| UUIDv4 | version (4) + randomness |
| (would-be) MAC Address | 19c260652098 |
| (would-be) is_local bit | True |
| (would-be) is_multicast bit | False |
| (would-be) MAC Manufacturer | None |
| (would-be) MAC Date | None |
UUID registration form :
26436
Seen in RFC 6487 Counts : rfc6487:1 RFC 6487 Resource Certificate Profile February 2012 Subject Name: This profile specifies that subject names must be unique per issuer, and does not specify that subject names must be globally unique (in terms of assured uniqueness). This is due to the nature of the RPKI as a distributed PKI, implying that there is no ready ability for certification authorities to coordinate a simple RPKI-wide unique name space without resorting to additional critical external dependencies. CAs are advised to use subject name generation procedures that minimize the potential for name clashes. One way to achieve this is for a CA to use a subject name practice that uses the CommonName component of the Distinguished Name as a constant value for any given entity that is the subject of CA-issued certificates, and set the serialNumber component of the Distinguished Name to a value that is derived from the hash of the subject public key value. If the CA elects not to use the serialNumber component of the DistinguishedName, then it is considered beneficial that a CA generates CommonNames that have themselves a random component that includes significantly more than 40 bits of entropy in the name. Some non-normative recommendations to achieve this include: 1) Hash of the subject public key (encoded as ASCII HEX). example: cn="999d99d564de366a29cd8468c45ede1848e2cc14" 2) A Universally Unique IDentifier (UUID) [RFC4122] example: cn="6437d442-6fb5-49ba-bbdb-19c260652098" 3) A randomly generated ASCII HEX encoded string of length 20 or greater: example: cn="0f8fcc28e3be4869bc5f8fa114db05e1"> (A string of 20 ASCII HEX digits would have 80-bits of entropy) 4) An internal database key or subscriber ID combined with one of the above example: cn="<DBkey1> (6437d442-6fb5-49ba-bbdb- 19c2606520980)" (The issuing CA may wish to be able to extract the database key or subscriber ID from the commonName. Since only the issuing CA would need to be able to parse the commonName, the database key and the source of entropy (e.g., a UUID) could be separated in any way that the CA wants, as long as it conforms to the rules for PrintableString. The separator Huston, et al. Standards Track [Page 21]