Hi all,

We have had this suggestion (see below) to create more differentiated CRL messages, where certain message fields are moved up one level, from inside the list of extensions. (crlNumber, AuthorityKeyIdentifier and crlReason, see the full suggestion below.)

Since we cannot determine the value of this proposal, we want to ask the community for input. Are these changes seen by more parties as something which would aid message processing? Or create unnecessary complexity?

And are there (also) other extension fields which would deserve to be moved up from inside the extensions list, following the same line of argument?

Best Regards
Joel Höglund

On Thu, 4 May 2023 at 10:40, Lijun Liao <[email protected]> wrote:

> To simplify the process of C509 native CRLs, what about extracting some
> extensions from the 'extensions' field and assigning explicit fields for
> such extensions?
>
> 1. CRL extensions 'CRL number' and 'AuthorityKeyIdentifier':
>
> TBSCertificateSigningRequest = (
>    C509CertificateRevocationListType: int,
>    issuer: Name,
>    thisUpdate: Time,
>    nextUpdate: Time,
>    **crlNumber: ~biguint,** ;new field
>    **AuthorityKeyIdentifier: ~bstr,**; new field
>    revokedCertificates: RevokedCertificates,
>    crlExtensions: Extensions, ; all extensions except CRLNumber and AuthorityKeyIdentifier
>    issuerSignatureAlgorithm: AlgorithmIdentifier,
> )
>
>
> 2. CRL entry extension 'crlReason':
>
> RevokedCertificates = [
>    userCertificate: CertificateSerialNumber,
>    revocationDate: Time,
>    **crlReason: ~uint,**; new field
>    crlEntryExtensions: Extensions, ; all extensions except crlReason.
> ]
>
>
> BR/
> Lijun Liao
> _______________________________________________
> COSE mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/cose
>
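To make the trade-off raised in the thread concrete, the following is an added sketch (not from either message or from the C509 draft) of what a CRL consumer has to check when crlNumber sits in the extensions list versus in a dedicated field. It works on already-decoded Python lists rather than CBOR; the extension IDs, the field order of the extensions-only layout, the sample values and all function names are assumptions for illustration.

```python
# Added illustration: operates on already-decoded lists, not C509/CBOR bytes.
EXT_CRL_NUMBER = 1001  # hypothetical extension ID, not a registry value
EXT_AKI = 1002         # hypothetical extension ID, not a registry value
MOVED = {EXT_CRL_NUMBER, EXT_AKI}


def check_uint(value, name):
    # bool is a subclass of int in Python, so exclude it explicitly
    if isinstance(value, bool) or not isinstance(value, int) or value < 0:
        raise ValueError(f"{name} must be a non-negative integer")
    return value


def crl_number_from_extensions(tbs):
    """Extensions-only layout (assumed field order):
    [type, issuer, thisUpdate, nextUpdate, revoked, extensions, sigAlg]"""
    values = [v for ext_id, v in tbs[5] if ext_id == EXT_CRL_NUMBER]
    if len(values) != 1:
        # Absent or repeated: every consumer has to pick a policy; reject here.
        raise ValueError(f"expected one crlNumber extension, found {len(values)}")
    return check_uint(values[0], "crlNumber")


def crl_number_from_field(tbs):
    """Proposed layout, field order as in the quoted message:
    [type, issuer, thisUpdate, nextUpdate, crlNumber, aki, revoked, extensions, sigAlg]"""
    if len(tbs) != 9:
        raise ValueError("unexpected number of fields")
    number = check_uint(tbs[4], "crlNumber")
    if not isinstance(tbs[5], bytes):
        raise ValueError("AuthorityKeyIdentifier must be a byte string")
    # crlExtensions is "all extensions except CRLNumber and AuthorityKeyIdentifier",
    # so a copy left in the list would create two sources of truth: reject it.
    if any(ext_id in MOVED for ext_id, _ in tbs[7]):
        raise ValueError("moved extension also present in crlExtensions")
    return number


# Constructed sample values (not taken from any real CRL).
OLD_TBS = [0, "CN=Example CA", 1683189600, 1683794400, [],
           [(EXT_AKI, b"\x01\x02"), (EXT_CRL_NUMBER, 42)], 0]
NEW_TBS = [0, "CN=Example CA", 1683189600, 1683794400, 42, b"\x01\x02", [], [], 0]

if __name__ == "__main__":
    print(crl_number_from_extensions(OLD_TBS), crl_number_from_field(NEW_TBS))
```

The dedicated field removes the scan and the absent-or-duplicated decision, but adds a new rule the decoder must enforce: the moved extensions may not reappear in the remaining list.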
