artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8a9424f) | patch
Mandate presence of CMS signing-time and disallow binary-signing-time
authorjob <job@openbsd.org>
Sun, 21 Apr 2024 09:03:22 +0000 (09:03 +0000)
committerjob <job@openbsd.org>
Sun, 21 Apr 2024 09:03:22 +0000 (09:03 +0000)
commit968e24948cc91e830e41af90577b1c1c8405f2d0
tree3e9619bf31b645179e367d20a4d5d87b994ff389tree | snapshot
parent8a9424f8c5c906abef17d8f94fe007f2fa52c0bccommit | diff
Mandate presence of CMS signing-time and disallow binary-signing-time

RFC-to-be draft-ietf-sidrops-cms-signing-time updates RFC 6488 by
mandating the presence of the CMS signing-time attribute and disallowing
the use of the CMS binary-signing-time attribute in RPKI Signed Objects.
The ecosystem has behaved this way for a number of years now.

Flip from warning to erroring for non-compliant objects.

OK tb@
usr.sbin/rpki-client/cms.c diff | blob | history
usr.sbin/rpki-client/x509.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim