I've added the ASN.1 module to the GitHub copy, tweaked slightly (been
trying to switch from "identifier" to "ID" and it looked like id-mod-*
tended to be lowercase, so I've matched that). Thanks so much for the
example! Let me know if I got any of that wrong.
https://github.com/tlswg/tls-trust-anc
Whoops, I cut a new version just to snapshot an old "identifier" -> "ID"
change hanging around in GitHub before I saw this message! Just replying to
acknowledge this and that I did not ignore it intentionally! Will add this
to the document, probably tomorrow. Thanks for putting that together!
On M
In addition, you could mandate that the extension can never be critical:
ext-trustAnchorIdentifier EXTENSION ::= {
SYNTAX TrustAnchorIdentifier
IDENTIFIED BY id-pe-trustAnchorIdentifier
CRITICALITY { FALSE } }
Russ
> On May 12, 2025, at 4:44 PM, Russ Housley wrote:
>
