John Nagle schrieb: > SSL certificates are trees, represented in a format, "ASN.1", which > allows storing numbers, strings, and flags. > Fields are identified by names or by assigned "OID numbers" > (see RFC 2459). > > The tree is returned as tuples. The first element of the tuple > is always a string giving the name of the field, and the second > element is a string, Boolean, or number giving the value, or > a list of more tuples. The result is a tree, which will > resemble the tree typically displayed by browsers displaying > SSL certificates.
That looks like a bad choice of interface to me. If you want to expose the entire certificate, you should do that using as a single byte string, encoded in DER. The way you are representing it, you are losing information (e.g. whether the string type was IA5String, PrintableString, UTF8String), and I thought your complaint was that the current interfaces lose information, so you should not add an interface that makes the same mistake it tries to overcome. Regards, Martin -- http://mail.python.org/mailman/listinfo/python-list
