Closed ties closed 1 year ago
To clarify: This is extremely low to no priority. I can patch rpki-rs
to get this behaviour. A similar patch is the way to generate objects rfc8360 extensions in objects.
I can see how this can help testing. However.. this is a lot of work that requires changes in rpki-rs
. So, it's complicated, takes a lot of effort and there is a risk that unaware users of that library will end up making sub-optimal choices.
As a testbed operator, I am curious to see the signing time handling of various RPs. A RPKI signed object can contain no singing time at all, binary signing time, "normal " signings time, or both binary and "normal".
I want to check compliance so having this as a feature flag (or easily patched location in code, where I can even mutate the values) would be interesting