How to set CRL number, and authority key id extensions.

Nikos Mavrogiannopoulos n.mavrogiannopoulos at gmail.com
Fri Oct 3 22:24:35 CEST 2008


Nikos Mavrogiannopoulos wrote:
> David Marín Carreño wrote:
>> Hi all.
>>
>> I'm the main developer of gnoMint, a graphical Certification Authority
>> managing tool.
>>
>> I would like to set authority key id extension, and number extension,
>> for each one of the created CRLs.
>>
>> Currently, the generated CRLs are not compliant with RFC5280, as it
>> says in pages 60 and 61, that these extensions are a MUST for CRLs
>> made by complying CAs.
>> Do you plan to include CRL extensions?

I have checked the issue and it seems that most of the functionality
already existed for CRL extension handling. I have commited a patch on
the current code base which adds this support. This is not a big change,
since it only adds functions, however it is up to Simon to decide on
whether this will be included on the upcoming release.

regards,
Nikos





More information about the Gnutls-devel mailing list