Ditto-- I have some private tools for reading C509 certs that I could use, at least to see if my implementation will accept them or not. We do use SAN, although not "OTHER_NAME".
-derek On Mon, July 29, 2024 4:28 pm, Lijun Liao wrote: > Please attach your c509 certificate, if allowed. I have some private tools > to do the analysis. > > Sipos, Brian J. <[email protected]> schrieb am Mo., 29. Juli 2024, > 22:19: > >> All, >> >> I’m looking into creating some example c509 certificates which make use >> of >> SAN Other Name and EKU code points allocated by the current draft [1] >> for >> BP security. I think I have a properly encoded c509 structure using >> native >> signature, but don’t have a good way to verify that correctness. >> >> I tried using the tool under “c509_demo_impl” of the c509 source repo >> [2] >> but just get errors when attempting to use it in the read-C509 mode with >> “cargo r c …” and I’m not sure what I may be doing wrong (it’s not clear >> if >> the input is supposed to be direct binary, which I have tried, or some >> other form of text-encoding). Any help getting this tool, or some other >> more appropriate tool, working would be appreciated. >> >> Brian S. >> >> >> >> [1] >> https://www.ietf.org/archive/id/draft-ietf-cose-cbor-encoded-cert-11.html >> >> [2] https://github.com/cose-wg/CBOR-certificates >> >> >> _______________________________________________ >> COSE mailing list -- [email protected] >> To unsubscribe send an email to [email protected] >> > _______________________________________________ > COSE mailing list -- [email protected] > To unsubscribe send an email to [email protected] > -- Derek Atkins 617-623-3745 [email protected] www.ihtfp.com Computer and Internet Security Consultant _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
