CABF SMIME BR 7.1.2.3.m - Adobe Extensions#763
CABF SMIME BR 7.1.2.3.m - Adobe Extensions#763christopher-henderson merged 8 commits intozmap:masterfrom
Conversation
robplee
left a comment
robplee
left a comment
There was a problem hiding this comment.
I think this is fine and the only real change needed should be no trouble.
| ) | ||
|
|
||
| func init() { | ||
| lint.RegisterLint(&lint.Lint{ |
There was a problem hiding this comment.
So, the lint.Lint type is actually deprecated so this should be creating a lint.CertificateLint which is fairly similar but packages most of the fields that aren't the Lint into a LintMetadata struct. Same comment applies on the other lint too.
|
|
||
| var ( | ||
| //extension OIDs | ||
| AdobeTimestampOID = asn1.ObjectIdentifier{1, 2, 840, 113583, 1, 1, 9, 1} // Adobe Timestamp x509 extension |
There was a problem hiding this comment.
Is the correct formatting "timestamp" or "time-stamp". RFC3161 has it as "Time-stamp" and most online references I can find follow this trend although I've not found any record of Adobe actually defining what their OID should be called.
robplee
left a comment
robplee
left a comment
There was a problem hiding this comment.
Really, only a couple of minor nits to address in this one.
| return &adobeExtensionsLegacyMultipurposeCriticality{} | ||
| } | ||
|
|
||
| // CheckApplies returns true if the certificate's policies assert that it conforms to the multipurpose or legacy policy requirements defined in the SMIME BRs |
There was a problem hiding this comment.
This comment doesn't mention the extra requirement that the certificate must be a subscriber certificate
…se_criticality.go Co-authored-by: Rob <[email protected]>
Co-authored-by: Rob <[email protected]>
…se_criticality.go Co-authored-by: Rob <[email protected]>
3 participants
Adding lints to check the presence and criticality of the Adobe x509 Extensions to cover SMIME BR 7.1.2.3.m: