Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

draft-cose-cbor-revocation-management: optimizaion of fields in C509CertificateRevocationList #152

Open
xipki opened this issue Jan 12, 2024 · 0 comments

Comments

@xipki
Copy link
Contributor

xipki commented Jan 12, 2024

In the file draft-cose-cbor-revocation-management.md:

The C509CertificateRevocationList is defined as follows

 -- Not a mistake, but a typo in the original document, shall be C509CertificateRevocationList
TBSCertificateSigningRequest = (
   C509CertificateRevocationListType: int,
   issuer: Name,
   thisUpdate: Time,
   nextUpdate: Time,
   revokedCertificates: RevokedCertificates,
   crlExtensions: Extensions,
   issuerSignatureAlgorithm: AlgorithmIdentifier,
)

As discussed in #149, issuerSignatureAlgorithm field shall be before issuer. And since revokedCertificates may be very large, and crlExtensions may be required before parsing the whole revokedCertificates, I prefer to have crlExtensions before revokedCertificates.

Finally, we shall have the following structure

C509CertificateRevocationList = (
   C509CertificateRevocationListType: int,
   *** issuerSignatureAlgorithm: AlgorithmIdentifier, ***
   issuer: Name,
   thisUpdate: Time,
   nextUpdate: Time,
   *** crlExtensions: Extensions,***
   revokedCertificates: RevokedCertificates,
)
highlunder added a commit that referenced this issue Feb 16, 2024
Line 88 now says TBSCertificateRevocationList, as it should (from #152)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants