Dear devs,

there is an X509 extension named `Admissions`, supported e.g. by OpenSSL
(https://docs.openssl.org/master/man3/ADMISSIONS/) and BouncyCastle
(https://people.eecs.berkeley.edu/~jonah/bc/index.html?org/bouncycastle/asn1/isismtt/x509/AdmissionSyntax.html).
Would you be interested in `cryptography` supporting it as well? This is an
extension that is used in German public healthcare and legal sectors, and I
am working for one of them :-) I really enjoy working with `cryptography`
for reading out and persisting X509 certificates, but dealing with the
`Admissions` extension requires me to add extra dependencies and write
extra code using other libraries I do not enjoy this much.

If you agree that it could be a viable addition to the project, I would
gladly contribute the necessary bits myself. I made a proof-of-concept
implementation for the Admissions extension in my fork of `cryptography` to
have something to discuss:

https://github.com/pyca/cryptography/compare/main...hoefling:cryptography:admission-extension?expand=1

Example script that creates a certificate with an admission extension that
has some dummy values:
https://gist.github.com/hoefling/fa290eb33b24a2e5405cf9cdeeda03bc

Of course, this is far from the state where it can be reviewed, should be
split into smaller patches, is missing tests and docs etc etc.

If you reject the idea, I would try and put the code in a separate library
that depends on `cryptography` and connect them together somehow. I would
be grateful for any advice on that matter - maybe you already had a case
with a third party extension for `cryptography` being built.

Last but not least - I really enjoyed hacking the working prototype
together and fiddling with the Rust backend, kudos for having such a clear
and concise API design!

Kind regards,

Oleg
_______________________________________________
Cryptography-dev mailing list
Cryptography-dev@python.org
https://mail.python.org/mailman/listinfo/cryptography-dev