Notes on reading and writing resource sets.

svn path=/openssl/README; revision=227
author: Rob Austein <sra@hactrn.net> 2006-08-25 02:19:36 +0000
committer: Rob Austein <sra@hactrn.net> 2006-08-25 02:19:36 +0000
commit: fc30926321b8f14d74e49a1f91fd58d7c8f7d9cb (patch)
tree: 0828f769b180ad16d9d54451563d6a9c0fea9763 /openssl/README
parent: 6e839f94bdbcef6c80bb6fa4347171f8b2168795 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/openssl/README b/openssl/README
index 4d71867c..1bcf9546 100644
--- a/openssl/README
+++ b/openssl/README
@@ -227,6 +227,14 @@ Random reminders and notes to myself:
 
 - May need to check AKID in crypto/x509/x509_vfy.c:get_crl().
 
+- "Resource sets" -- represent internally as extensions, inheritance
+  disallowed.  Need I/O functions.  Groveling doc/openssl.txt, I see
+  X509V3_EXT_conf_nid(), X509V3_EXT_print_fp(), and X509V3_EXT_d2i()
+  as the functions most likely to be useful.  Sections 2 & 3 of that
+  file are generally informative on how to do this, difficulty is just
+  that most of it, unsurprisingly, is geared towards extensions in
+  certificates and CRLs, not bare extensions.  But should suffice.
+
 
 
 The June meeting at APNIC came up with a list of desired OpenSSL
author	Rob Austein <sra@hactrn.net>	2006-08-25 02:19:36 +0000
committer	Rob Austein <sra@hactrn.net>	2006-08-25 02:19:36 +0000
commit	fc30926321b8f14d74e49a1f91fd58d7c8f7d9cb (patch)
tree	0828f769b180ad16d9d54451563d6a9c0fea9763 /openssl/README
parent	6e839f94bdbcef6c80bb6fa4347171f8b2168795 (diff)