Three points: (1) There may be people willing to work on code at the hackathon. I have not looked around too much, but I could do that depending on the response to the second point.
(2) We need to validate signatures on I-Ds and RFCs with the standard release. I’m okay with needing 1.1 or later, but I’m not okay with users having to fetch a special version. (3) We are signing I-Ds now; we just are not including the signing-certificate-v2 attribute. These older signature need to continue to validate, which should not be a problem since you should just hash unknown attributes that are included by the signer. Russ On May 12, 2016, at 9:16 AM, Salz, Rich <rs...@akamai.com> wrote: > So Matt already mentioned that it's too late for our upcoming 1.1 release. > But do you think there'd be interest in adding this at an IETF hackathon? I > can be there FWIW. Keeping a separate ietf-openssl branch that has the > changes, for example, shouldn't be onerous. > > -- > Senior Architect, Akamai Technologies > IM: richs...@jabber.at Twitter: RichSalz > -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
