OCSP, crls response and timestamp

[pkumar-uk]

Is there a plan to include OCSP, crls response to CMS envelope along with time stamp. Currently field in CMS for OCSP response is blank.

Please suggest workarounds if possible for timestamp using timestamp service.

[m32]

The workload seems to be high and the profits are weak. If you feel like it, add this functionality and we will share it with others.

[pkumar-uk]

I think I have done the work for OSCP response and CRL response, I can share the code once I can verify it works for all cases. I wanted help where I can plugin timestamp. I am looking for direction.

[m32]

Read in asn1crypto/cms.py - in the signature structure there is room for crl/ocsp/timestamp, I have only completed the required bare minimum

[muristan]

@pkumar-uk Do you have a working code for OCSP enabled certificates? I'm very interested in it.

[m32]

try version 2.0.7 with ocs psupport

[ariessetiyawan]

how to used ocsp support in version 2.0.7

try version 2.0.7 with ocs psupport

how to used ocsp support in version 2.0.7

[m32]

example in pdf-sign-cms-hsm-certum.py
There are new parameters (optional) for pdf.cms.sign, i.e .: ocspurl and ocspissuer. The former is the address of the certificate provider's ocsp service, and the latter is the certificate of the certificate issuer of this service.