We currently put time(NULL) in our certificate's serial numbers, which is not a good idea. Proposal 179 says to put 8 random bytes as the serial numbers of our new certificates. It seems like a sane choice. (Also see legacy/trac#4570 for another prop179 serial number trick which did make it in.)