Create OID package - Githubissues

letsencrypt / boulder

An ACME-based certificate authority, written in Go.

Mozilla Public License 2.0

5.17k stars 603 forks source link

Create OID package #6986

Open pgporada opened 1 year ago

pgporada commented 1 year ago

There are many OIDs spinkled throughout boulder such as the following snippet. We should build a package that defines OIDs by class similar to how pyca/cryptography handles them.

//ca/crl.go: asn1.ObjectIdentifier{2, 5, 29, 28}
//cmd/ceremony/cert.go: var oidOCSPNoCheck = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 48, 1, 5}
//wfe2/wfe.go: asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 2, 1}
etc

mcpherrinm commented 11 months ago

We may be able to use the new x509.OID type instead of making a new one: https://github.com/golang/go/issues/60665

aarongable commented 10 months ago

I think we should use both the new x509.OID and the existing asn1.ObjectIdentifier types in our package, since the OIDs we care about fall into both categories (policy identifiers and extension identifiers, respectively).