[Cryptography-dev] Interfaces for CRL handling

Erik Trauschke erik.trauschke at gmail.com
Mon May 11 19:11:59 CEST 2015


Hi Paul,

So I see all the CRLDistributionList extension code got put back. Are
you already working on the CRL processing code or do you want me to
create my own branch for this and file a pull request?

Erik

On Sat, May 9, 2015 at 1:50 PM, André Caron <andre.l.caron at gmail.com> wrote:
> Hi Erik,
>
> I update mu pull request to add a basic interface for CRLs.  It comes with
> an implementation of the OpenSSL backend for it too.
>
> I haven't tackled the CRL distribution points extension yet.  Since those
> interfaces are somewhat independent from mine, I guess Paul's interfaces can
> come independently (obviously, I'll need them at one point to be able to
> implement my CA though :-).
>
> Cheers,
>
> André
>
> On Sat, May 9, 2015 at 1:18 AM, Erik Trauschke <erik.trauschke at gmail.com>
> wrote:
>>
>> The plan is that Paul puts back his interface definitions for
>> CRLDistributionPoints first. Then I can add the OpenSSL backend code
>> for that. Next are the interfaces for the CRL object and the OpenSSL
>> backend code for it.
>> It's interesting that it seems like we have a few people working on
>> the same thing at the same time, so i guess we just have to coordinate
>> things a bit.
>>
>> Erik
>>
>> On Fri, May 8, 2015 at 9:33 PM, André Caron <andre.l.caron at gmail.com>
>> wrote:
>> > Hi Erik,
>> >
>> > I've put up a pull request with preliminary support for CA operations.
>> > My
>> > pull request contains a builder for generating CRLs (but not for reading
>> > or
>> > processing them).
>> >
>> > I see your patch contains new interfaces for CRL processing.  I hope you
>> > can
>> > get that patch moving forward with a pull request so that I can base my
>> > changes on them!
>> >
>> > Cheers,
>> >
>> > André
>> >
>> > On Thu, May 7, 2015 at 4:19 PM, Erik Trauschke
>> > <erik.trauschke at gmail.com>
>> > wrote:
>> >>
>> >> Hi Paul,
>> >>
>> >> Ok, I'll wait until this goes back. Meanwhile there are a few other
>> >> interfaces I need and I'll work on them. I'll also have a look at how
>> >> to create my own branch in github.
>> >>
>> >> Erik
>> >>
>> >> On Thu, May 7, 2015 at 12:05 PM, Paul Kehrer <paul.l.kehrer at gmail.com>
>> >> wrote:
>> >> > Hi Erik,
>> >> >
>> >> > Thank you for your contribution! Some of your work overlaps with the
>> >> > interfaces we're currently building
>> >> > (https://github.com/pyca/cryptography/pull/1906/), but there is
>> >> > implementation work and other interfaces that will be very useful.
>> >> > Incidentally, your approach to fullname/relativename is one of the
>> >> > discussions underway on that PR right now.
>> >> >
>> >> > The normal way we do contribution and code review is via pull
>> >> > requests
>> >> > on
>> >> > GitHub. You can put your initial work up for discussion by doing the
>> >> > following:
>> >> >
>> >> > * Fork the project to your own account on github and check it out
>> >> > * Branch, commit, and push the branch to your own repository
>> >> > * Open a pull request against pyca/cryptography by following these
>> >> > instructions
>> >> > (https://help.github.com/articles/creating-a-pull-request/)
>> >> >
>> >> > We're also available on freenode in #cryptography-dev to chat any
>> >> > time.
>> >> >
>> >> > I personally would say this work should probably wait on merging
>> >> > #1906,
>> >> > at
>> >> > which point we can pull in the CRLDistributionPoints OpenSSL
>> >> > implementation,
>> >> > then follow that up with a PR for the CRL object, and finally the
>> >> > OpenSSL
>> >> > implementation of a parser to build the CRL object.
>> >> >
>> >> > -Paul
>> >> >
>> >> >
>> >> > On May 7, 2015 at 12:01:15 PM, Erik Trauschke
>> >> > (erik.trauschke at gmail.com)
>> >> > wrote:
>> >> >
>> >> > Hi all,
>> >> >
>> >> > For my project I need cryptography to support basic handling of CRLs,
>> >> > revoked certificates and CRLDistributionPoints.
>> >> >
>> >> > I attached a patch which adds these interfaces, including test cases
>> >> > for it. I have never provided patches to a github project so I'm not
>> >> > sure how the process works.
>> >> > Do you have a separate place for code reviews (I haven't seen code
>> >> > review discussions on this list)?
>> >> >
>> >> > I would appreciate if someone could look at my changes and put them
>> >> > back to the gate, but let me know if I need to approach this
>> >> > differently.
>> >> >
>> >> > Thanks
>> >> > Erik
>> >> > ________________________________
>> >> > _______________________________________________
>> >> > Cryptography-dev mailing list
>> >> > Cryptography-dev at python.org
>> >> > https://mail.python.org/mailman/listinfo/cryptography-dev
>> >> >
>> >> >
>> >> > _______________________________________________
>> >> > Cryptography-dev mailing list
>> >> > Cryptography-dev at python.org
>> >> > https://mail.python.org/mailman/listinfo/cryptography-dev
>> >> >
>> >> _______________________________________________
>> >> Cryptography-dev mailing list
>> >> Cryptography-dev at python.org
>> >> https://mail.python.org/mailman/listinfo/cryptography-dev
>> >
>> >
>> >
>> > _______________________________________________
>> > Cryptography-dev mailing list
>> > Cryptography-dev at python.org
>> > https://mail.python.org/mailman/listinfo/cryptography-dev
>> >
>> _______________________________________________
>> Cryptography-dev mailing list
>> Cryptography-dev at python.org
>> https://mail.python.org/mailman/listinfo/cryptography-dev
>
>
>
> _______________________________________________
> Cryptography-dev mailing list
> Cryptography-dev at python.org
> https://mail.python.org/mailman/listinfo/cryptography-dev
>


More information about the Cryptography-dev mailing list