I have created an ID with the steps to create an ECDSA pki including
802.1AR certs.
I welcome your comments. In particular, I am not 100% that I have the
SAN right:
[ req_ext ]
subjectAltName = otherName:1.3.6.1.5.5.7.8.4;SEQ:hmodname
[ hmodname ]
hwType = OID:$ENV::hwType
hwSerialNum = FORMAT:HEX,OCT:$ENV::hwSerialNum
Do take a look at Appendix A.3.
-------- Forwarded Message --------
Subject: New Version Notification for draft-moskowitz-ecdsa-pki-00.txt
Date: Wed, 30 Aug 2017 06:53:03 -0700
From: [email protected]
To: Robert Moskowitz <[email protected]>, Liang Xia
<[email protected]>, Henk Birkholz
<[email protected]>, Liang Xia <[email protected]>
A new version of I-D, draft-moskowitz-ecdsa-pki-00.txt
has been successfully submitted by Robert Moskowitz and posted to the
IETF repository.
Name: draft-moskowitz-ecdsa-pki
Revision: 00
Title: Guide for building an ECC pki
Document date: 2017-08-30
Group: Individual Submission
Pages: 26
URL:
https://www.ietf.org/internet-drafts/draft-moskowitz-ecdsa-pki-00.txt
Status: https://datatracker.ietf.org/doc/draft-moskowitz-ecdsa-pki/
Htmlized: https://tools.ietf.org/html/draft-moskowitz-ecdsa-pki-00
Htmlized:
https://datatracker.ietf.org/doc/html/draft-moskowitz-ecdsa-pki-00
Abstract:
This memo provides a guide for building a PKI (Public Key
Infrastructure) using openSSL. All certificates in this guide are
ECDSA, P-256, with SHA256 certificates. Along with common End Entity
certificates, this guide provides instructions for creating IEEE
802.1AR [IEEE.802.1AR_2009] iDevID Secure Device certificates.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat
_______________________________________________
Anima mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/anima
