search

NICMx / FORT-validator

RPKI cache validator
MIT License
51 stars 24 forks source link

Improve compliance with RFC 9589 #144

Closed job closed 3 months ago

job commented 3 months ago

As of 9589, the CMS SigningTime attribute is mandatory and the CMS BinarySigningTime attribute is forbidden.

Question for @ydahhrk does oid2arcs().MAX_ARCS need to be reduced by 1, because 1 OID declaration is removed?

ydahhrk commented 3 months ago

Question for @ydahhrk does oid2arcs().MAX_ARCS need to be reduced by 1, because 1 OID declaration is removed?

No, it's fine. MAX_ARCS counts OID arcs, not OIDs.

(Also, it's just a suggestion. oid2arcs() adjusts and retries if it doesn't work.)

Thanks!