-
Notifications
You must be signed in to change notification settings - Fork 124
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add X.509 implementation using composite keys and sigs drafts #333
Comments
Didn't we discuss prototyping the various hybrid approaches concurrently? I'd recommend doing this work in a separate branch, and not simply replace our current concatenation approach. |
I'd also second @christianpaquin maybe proposing as a compromise using the term "Add" instead of "Migrate" in this issue: Having both approaches (switchable by some means, e.g., environment variable) in one implementation/branch might be doable. Reason from my side against dumping the current approach: A stable OQS-OSSL code base to establish interop with oqs-provider (currently working through open-quantum-safe/oqs-provider#2) would be better than changing this logic in two places at the same time. Also, this work already creates challenges (at least for me) as the OSSL3 provider API and OSSL X509 APIs are not yet perfectly in tune for external (provider) use. After a cursory glance at it this RFC might actually be more simple to implement with a completely new X509 code base only using the ASN.1 APIs rather than patching things... |
Good point re: trying in a separate branch for now. I didn't think too careful about the choice of word "migrate"; I'll change it to "Add". |
My understanding is that they're revisiting their approach, so there may be new drafts with different designs. Closing this until a clearer path forward emerges. |
The text was updated successfully, but these errors were encountered: