[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Missing gnutls_x509_crq_sest_subject_alternative_name ?
|
From: |
Daniel Kahn Gillmor |
|
Subject: |
Re: Missing gnutls_x509_crq_sest_subject_alternative_name ? |
|
Date: |
Wed, 17 Sep 2008 13:12:32 -0400 |
|
User-agent: |
Gnus/5.11 (Gnus v5.11) Emacs/22.2 (gnu/linux) |
Hi David--
On Wed 2008-09-17 12:55:13 -0400, David Marín Carreño wrote:
> As some of you probably know, I am developing gnoMint, a graphical
> X.509 CA manager.
Cool, thanks for working on that!
> Examining the API, it seems that there exists a
> "gnutls_x509_set_subject_alternative_name" that adds an alternative
> name extension to a certificate structure, but it doesn't exist a
> similar function for adding alternative name(s) to certificate
> requests.
This question was just asked on help-gnutls:
http://lists.gnu.org/archive/html/help-gnutls/2008-09/msg00013.html
The answer seems to be that the capability doesn't exist yet in
certtool. Looking at includes/gnutls/x509.h, i don't see any similar
functionality for certificate requests in the library itself
either. :(
> Is there a reason for that? Do you plan to add that function?
I don't think there is a good reason to *not* have it; adding this
feature would be a really good thing, given how popular this
particular v3 extension is today.
--dkg
pgpWFDmVUCZT9.pgp
Description: PGP signature