> On Apr 26, 2021, at 9:59 AM, Salz, Rich <[email protected]>
> wrote:
>
>> I was wondering if you would be willing to as an ASN.1 module as an
>> appendix. Right now, an implementer needs to do a fair amount of work to
>> find all of the OID values and some of them do not have names. For example:
>
> That is a great idea. If you are willing to do that, I am willing to make a
> PR to add it as an appendix (informative I assume?)
Informative seems fine to me. The point is to help the implementer.
Below is the approach that I took for RFC 6962. I had to make up names because
there are no hints in the document in some cases. Suggestions for the bis
document are welcome.
Russ
= = = = = = = =
RFC6963Module-2013
DEFINITIONS IMPLICIT TAGS ::= BEGIN
-- EXPORTS ALL --
IMPORTS
EXTENSION
FROM PKIX-CommonTypes-2009
{ iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) id-mod(0)
id-mod-pkixCommon-02(57) }
;
SignedCertificateTimestampList ::= OCTET STRING
id-ce-embeddedSCT OBJECT IDENTIFIER ::= { 1 3 6 1 4 1 11129 2 4 2 }
id-ce-criticalPoison OBJECT IDENTIFIER ::= { 1 3 6 1 4 1 11129 2 4 3 }
id-kp-precertificateSigning OBJECT IDENTIFIER ::= { 1 3 6 1 4 1 11129 2 4 4 }
id-pkix-ocsp-SCT OBJECT IDENTIFIER ::= { 1 3 6 1 4 1 11129 2 4 5 }
ext-embeddedSCT EXTENSION ::= { SYNTAX SignedCertificateTimestampList
IDENTIFIED BY id-ce-embeddedSCT }
ext-criticalPoison EXTENSION ::= { SYNTAX NULL
IDENTIFIED BY id-ce-criticalPoison }
ext-ocsp-SCT EXTENSION ::= { SYNTAX SignedCertificateTimestampList
IDENTIFIED BY id-pkix-ocsp-SCT }
END
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
