Hi there, I was wondering whether there are any news on the support of "qcStatements" X.509 v3 certificate private extension in OpenSSL. The ASN.1 syntax for this extension is quite straight forward so perhaps some one has already implemented this or at least it is pending somewhere in the queue for new release?
The easiest solution to work with would be to allow the configuration of the extension from the OpenSSL configuration file, something perhaps similar to the following: qcStatements = critical,qcCompliance,qcSyntaxVersion1 or qcStatements = critical,1.3.6.1.5.5.7.11.1,0.4.0.1862.1.1 whereby the qcCompliance would represent the ETSI statement of compliance object identifier [id-etsi-qcs-QcCompliance: 0.4.0.1862.1.1] and qcSyntaxVersion1 [id-qcs-pkixQCSyntax-v1: 1.3.6.1.5.5.7.11.1] - the object identifier for compliance with RFC 3039 Qualified Certificates Profile syntax. Obviously the above represents the simplified scenario, without extending the qcStatements sequence to optional "statementInfo" and also without consideration of the version 2 of the profile (as defined in RFC 3739) but nonetheless it would be very useful and helpful for the community I believe. Does any one have any thoughts on this or perhaps a ready to go implementation? I have searched mailing lists and groups but had no luck in finding any useful information other than the fact, that many people asked similar questions in the past years - but there was no response... Thanks, E. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
