artulab
projects / openbsd / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6530cf1) | patch
In very verbose mode, log unexpected accessMethods
authortb <tb@openbsd.org>
Fri, 4 Nov 2022 23:42:56 +0000 (23:42 +0000)
committertb <tb@openbsd.org>
Fri, 4 Nov 2022 23:42:56 +0000 (23:42 +0000)
commitc39877f08d2607e7a4e3f0d5b9a815ef4006c9b3
tree8874579c65e1f111f4837fd794f454c5d50a934etree | snapshot
parent6530cf17bacd46ca6e598e84babf26940ba88971commit | diff
In very verbose mode, log unexpected accessMethods

While RFC 6487, 4.8.2.2 is very explicit about allowing id-ad-signedObject
as the only accessMethod, the clear language was lost during the RFC 8182
editing process. APNIC, TWNIC and JPNIC and a few others are currently
known to have an id-ad-rpkiNotify. The verbose logging allows us to check
the ecosystem while waiting for the point in time where we can turn this
into an error. See also https://www.rfc-editor.org/errata/eid7239.

ok job
usr.sbin/rpki-client/x509.c diff | blob | history
OpenBSD src
by Ahmet Artu Yildirim