The endpoints in my example address the specific problem of my not being
able to think up good examples of relevant metadata (midnight e-mails...
you know how it is ;-).
One area that might warrant an initial RFC section would be for defining
the required minimum for validating a certificate chain. It probably
shouldn't be a mandatory field overall but it's one of those things that
will be continually re-invented unless there's already a good way to do it.
Perhaps something along the lines of the following:
=========
uuid: 9af3d710-e762-4cf4-a9cb-e5a5899bf3c8
public_key: 81A...BF
[zmq.rfc111]
may_sign_sub_certificates = False
[signatures]
(dropping to JSON notation for nesting support)
{ "zmq.rfc111", [ "a58af667-fca1-4bfc-90a7-f4653f6fc1af" : {
{"zmq.rfc111" : {"may_sign_sub_certificates" : true, "parent" :
''d027128d-a0af-48a8-8dfd-65f9ea2e47b1", ...}},
"d027128d-a0af-48a8-8dfd-65f9ea2e47b1" { ... }
],
}
=========
On Fri, Oct 4, 2013 at 2:39 AM, Pieter Hintjens <[email protected]> wrote:
> On Fri, Oct 4, 2013 at 7:13 AM, Tom Cocagne <[email protected]> wrote:
>
> > ==== Begin ZMQ Cert ====
> > uuid: 9af3d710-e762-4cf4-a9cb-e5a5899bf3c8
> > public_key: 81A...BF
> > [org.cocagne.home_network]
> > name: cool_zmq_app_server
> > webserver_port: 1234
> > [zmq.rfc1034]
> > dns_name: org.cocagne.home_network.cool_zmq_app_server
> > http_port: 1234
> > client_authentication_required: True
> > [signatures]
> > ...
> > ==== End ZMQ Cert ====
>
> OK, this is great, and goes on my whiteboard as the first strawman for
> a certificate format.
>
> - begin/end markers so multiple certs can be sent in an email
> - unique UUID to... to allow unique identification
> - RFC-specific sections with defined fields
>
> What problem do the endpoint sections address?
>
> -Pieter
> _______________________________________________
> zeromq-dev mailing list
> [email protected]
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
>
_______________________________________________
zeromq-dev mailing list
[email protected]
http://lists.zeromq.org/mailman/listinfo/zeromq-dev
