David von Oheimb <[email protected]> wrote: > would have been more apparent.
well, you just used ASN.1 we didn't understand to explain other ASN.1 we
didn't understand :-)
What I took away was that my interpretation was not quite right for getting a
explicit value.
> Further, RFC 7030 section 4.5.2 does not cover the fact that names and
> name components in a CSR may be part of not only various X.509
> extensions such as SAN (which are to be encoded via the extra
> indirection of the extensionRequest OID) but also of the subject
> field/attribute of type (Distinguished)Name.
Could you construct an example? Perhaps we could slip it in as errata.
> At least a more comprehensive example would have been very helpful to
> clarify the details of the intended encoding, and likewise any serious
> reference/example implementation, for instance in Cisco's libEST, which
> has remained extremely sketchy regarding the csrattrs topic.
Are there examples in libest that we can use?
Is there unit test code in there that could be exercised to validate other
examples?
Are we back to redoing this in JSON?
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
