9f74e254e8
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@17298 ec53bebd-3082-4978-b11e-865c3cabbd6b
48 lines
883 B
Plaintext
48 lines
883 B
Plaintext
$Id$
|
|
|
|
x501 name
|
|
parsing
|
|
comparing (ldap canonlisation rules)
|
|
|
|
DSA support
|
|
DSA2 support
|
|
|
|
x509 policy mappings support
|
|
|
|
CRL delta support
|
|
|
|
crypto
|
|
make signing alg depend on signer if not given
|
|
|
|
tests
|
|
nist tests
|
|
name constrains
|
|
policy mappings
|
|
http://csrc.nist.gov/pki/testing/x509paths.html
|
|
|
|
building path using Subject/Issuer vs SubjKeyID vs AuthKeyID
|
|
negative tests
|
|
all checksums
|
|
conditions/branches
|
|
|
|
pkcs7
|
|
handle pkcs7 support in CMS ?
|
|
|
|
certificate request
|
|
generate pkcs10 request
|
|
from existing cert
|
|
generate CRMF request
|
|
pk-init KDC/client
|
|
web server/client
|
|
jabber server/client
|
|
email
|
|
|
|
|
|
x509 issues:
|
|
|
|
OtherName is left unspecified, but its used by other
|
|
specs. creating this hole where a application/CA can't specify
|
|
policy for SubjectAltName what covers whole space. For example, a
|
|
CA is trusted to provide authentication but not authorization.
|
|
|