[Cryptography-dev] Interfaces for CRL handling

André Caron andre.l.caron at gmail.com
Sat May 9 22:50:36 CEST 2015 

Hi Erik,

I update mu pull request to add a basic interface for CRLs.  It comes with
an implementation of the OpenSSL backend for it too.

I haven't tackled the CRL distribution points extension yet.  Since those
interfaces are somewhat independent from mine, I guess Paul's interfaces
can come independently (obviously, I'll need them at one point to be able
to implement my CA though :-).

Cheers,

André

On Sat, May 9, 2015 at 1:18 AM, Erik Trauschke <erik.trauschke at gmail.com>
wrote:

> The plan is that Paul puts back his interface definitions for
> CRLDistributionPoints first. Then I can add the OpenSSL backend code
> for that. Next are the interfaces for the CRL object and the OpenSSL
> backend code for it.
> It's interesting that it seems like we have a few people working on
> the same thing at the same time, so i guess we just have to coordinate
> things a bit.
>
> Erik
>
> On Fri, May 8, 2015 at 9:33 PM, André Caron <andre.l.caron at gmail.com>
> wrote:
> > Hi Erik,
> >
> > I've put up a pull request with preliminary support for CA operations.
> My
> > pull request contains a builder for generating CRLs (but not for reading
> or
> > processing them).
> >
> > I see your patch contains new interfaces for CRL processing.  I hope you
> can
> > get that patch moving forward with a pull request so that I can base my
> > changes on them!
> >
> > Cheers,
> >
> > André
> >
> > On Thu, May 7, 2015 at 4:19 PM, Erik Trauschke <erik.trauschke at gmail.com
> >
> > wrote:
> >>
> >> Hi Paul,
> >>
> >> Ok, I'll wait until this goes back. Meanwhile there are a few other
> >> interfaces I need and I'll work on them. I'll also have a look at how
> >> to create my own branch in github.
> >>
> >> Erik
> >>
> >> On Thu, May 7, 2015 at 12:05 PM, Paul Kehrer <paul.l.kehrer at gmail.com>
> >> wrote:
> >> > Hi Erik,
> >> >
> >> > Thank you for your contribution! Some of your work overlaps with the
> >> > interfaces we're currently building
> >> > (https://github.com/pyca/cryptography/pull/1906/), but there is
> >> > implementation work and other interfaces that will be very useful.
> >> > Incidentally, your approach to fullname/relativename is one of the
> >> > discussions underway on that PR right now.
> >> >
> >> > The normal way we do contribution and code review is via pull requests
> >> > on
> >> > GitHub. You can put your initial work up for discussion by doing the
> >> > following:
> >> >
> >> > * Fork the project to your own account on github and check it out
> >> > * Branch, commit, and push the branch to your own repository
> >> > * Open a pull request against pyca/cryptography by following these
> >> > instructions (
> https://help.github.com/articles/creating-a-pull-request/)
> >> >
> >> > We're also available on freenode in #cryptography-dev to chat any
> time.
> >> >
> >> > I personally would say this work should probably wait on merging
> #1906,
> >> > at
> >> > which point we can pull in the CRLDistributionPoints OpenSSL
> >> > implementation,
> >> > then follow that up with a PR for the CRL object, and finally the
> >> > OpenSSL
> >> > implementation of a parser to build the CRL object.
> >> >
> >> > -Paul
> >> >
> >> >
> >> > On May 7, 2015 at 12:01:15 PM, Erik Trauschke (
> erik.trauschke at gmail.com)
> >> > wrote:
> >> >
> >> > Hi all,
> >> >
> >> > For my project I need cryptography to support basic handling of CRLs,
> >> > revoked certificates and CRLDistributionPoints.
> >> >
> >> > I attached a patch which adds these interfaces, including test cases
> >> > for it. I have never provided patches to a github project so I'm not
> >> > sure how the process works.
> >> > Do you have a separate place for code reviews (I haven't seen code
> >> > review discussions on this list)?
> >> >
> >> > I would appreciate if someone could look at my changes and put them
> >> > back to the gate, but let me know if I need to approach this
> >> > differently.
> >> >
> >> > Thanks
> >> > Erik
> >> > ________________________________
> >> > _______________________________________________
> >> > Cryptography-dev mailing list
> >> > Cryptography-dev at python.org
> >> > https://mail.python.org/mailman/listinfo/cryptography-dev
> >> >
> >> >
> >> > _______________________________________________
> >> > Cryptography-dev mailing list
> >> > Cryptography-dev at python.org
> >> > https://mail.python.org/mailman/listinfo/cryptography-dev
> >> >
> >> _______________________________________________
> >> Cryptography-dev mailing list
> >> Cryptography-dev at python.org
> >> https://mail.python.org/mailman/listinfo/cryptography-dev
> >
> >
> >
> > _______________________________________________
> > Cryptography-dev mailing list
> > Cryptography-dev at python.org
> > https://mail.python.org/mailman/listinfo/cryptography-dev
> >
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/cryptography-dev/attachments/20150509/2b006f61/attachment.html>

More information about the Cryptography-dev mailing list