On Mon, Feb 11, 2008, Paruchuri, Kranti Kumar wrote: > Hello, > > This is Kranti Kumar Paruchuri, working with CA, India. > > I have a question regarding the OpenSSL-V3. I have been working on the > X.509 certificate CRL Distribution Point extension. Our application > requires supporting the "GENERALNAMES, "Relative Distinguished Names", > "Reasons" and also the "cRLIssuer" which are part of the X.509 > certificate Distribution Point. But from the source code, I understand > that it only supports the "GENERALNAMES" as it was mentioned in the > "v3_crld.c" file and in function > i2v_crld(X509V3_EXT_METHOD *method, STACK_OF(DIST_POINT) *crld, > STACK_OF(CONF_VALUE) *exts) > > Is my understanding correct? Could you please help us know if there is > another version of OpenSSL which is supporting the "Relative > Distinguished Names", "Reasons" and "cRLIssuer" of a Distribution Point? > If not when the support is expected for the same? > > I would also welcome if any pointers/links are provided for the > information provided. >
The development snapshots of OpenSSL (which will be 0.9.9) allow the setting of all these fields but not 0.9.8 or earlier. See: http://www.openssl.org/docs/apps/x509v3_config.html#CRL_distribution_points_ Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
