How are the OIDs and values in CertificateRequest extensions encoded
exactly (I can't make it out from the text)?
Does the OID part have the ASN.1 OID TLV tag and length (e.g.
is EKU 0x55 0x1D 0x25 or 0x06 0x03 0x55 0x1D 0x25)?
And how is the value encoded? Using the same encoding as
extnValue
I have no involvement in systems that would want this (our implementation
just ignores it), but it seems a TLS-style registry would be better than
using OIDs anyway. Concretely:
A CertificateExtension is a hint to the client about what kind of
certificates are acceptable. We have a registry of u16
Apologies, I hit 'Send' too early. Finished a sentence below:
On Sun, Sep 4, 2016 at 1:41 PM David Benjamin wrote:
> I have no involvement in systems that would want this (our implementation
> just ignores it), but it seems a TLS-style registry would be better than
> using OIDs anyway. Concretel
