Go support for SCTs in OCSP?
75 views
Skip to first unread message
Jacob Hoffman-Andrews
Jul 13, 2015, 5:18:21 AM7/13/15
to certificate-...@googlegroups.com
Hi all,
For Boulder, the Go software that will run the Let's Encrypt CA, we're
starting work on logs submission code:
https://github.com/letsencrypt/boulder/pull/454. We'd like to also be
able to embed SCTs in the OCSP responses we provide, but we found that
Go's OCSP library doesn't yet support x509v3 extensions in OCSP
responses (https://godoc.org/golang.org/x/crypto/ocsp). Does anyone on
this list have working Go code to embed SCTs in OCSP that we could work
off of?
Thanks,
Jacob
For Boulder, the Go software that will run the Let's Encrypt CA, we're
starting work on logs submission code:
https://github.com/letsencrypt/boulder/pull/454. We'd like to also be
able to embed SCTs in the OCSP responses we provide, but we found that
Go's OCSP library doesn't yet support x509v3 extensions in OCSP
responses (https://godoc.org/golang.org/x/crypto/ocsp). Does anyone on
this list have working Go code to embed SCTs in OCSP that we could work
off of?
Thanks,
Jacob
Asad Mehmood
Dec 7, 2015, 4:47:17 PM12/7/15
to certificate-transparency, js...@eff.org
I've written a small package [1] which creates an OCSP extension given a list of SCTS
This obviously requires a x/crypto/ocsp to add support for a method to add OCSP Extensions
Reply all
Reply to author
Forward
0 new messages