Is there any support in crypto->x509(v3) for certificate policy processing/checking as described in X.509 or PKIX? I had a quick look through the code but did not see anything? Or is it planned since it is required for some of the PKI compliance tests? This gets pretty complex with pathLengthConstraints, Name Constraints, User and Authority Constrained policies. Perhaps someone is planning a contribution. Chris Brook
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
