Are you asking about CSR or existing bug for including Brainpool support
in TLS?
I saw some bugs which mentions errors/exceptions which brainpool is
used, e.g. JSSE has https://bugs.openjdk.java.net/browse/JDK-7189107,
key tool has https://bugs.openjdk.java.net/browse/JDK-8201290. After
this brainpool support is integrated, it'll be easier to re-evaluate these.
As for PKCS11, Tobias tested this against a 3rd party PKCS11 library and
the result is positive if I recall correctly.
Thanks,
Valerie
On 6/18/2018 1:26 PM, Bernd Eckenfels wrote:
Hello,
not a Reviewer, but some Questions on the CSR:
* Are there other CSRs for including in TLS?
* I also wonder if PKI (CA Signatures) will work out of the box then
(OID aliases?)
* Does PKCS11 require additional changes? (especially for the
Government use mentioned in the justification HSMs are often
mandatory)
Gruss
Bernd
--
http://bernd.eckenfels.net
