letsencrypt / boulder

An ACME-based certificate authority, written in Go.
Mozilla Public License 2.0

Create OID package #6986

Open pgporada opened 1 year ago

pgporada commented 1 year ago

There are many OIDs sprinkled throughout boulder such as the following snippet. We should build a package that defines OIDs by class similar to how pyca/cryptography handles them.

//ca/crl.go: asn1.ObjectIdentifier{2, 5, 29, 28}
//cmd/ceremony/cert.go: var oidOCSPNoCheck = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 48, 1, 5}
//wfe2/wfe.go: asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 2, 1}
etc

mcpherrinm commented 1 year ago

We may be able to use the new x509.OID type instead of making a new one: https://github.com/golang/go/issues/60665

aarongable commented 1 year ago

I think we should use both the new x509.OID and the existing asn1.ObjectIdentifier types in our package, since the OIDs we care about fall into both categories (policy identifiers and extension identifiers, respectively).
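
A sketch of the package shape discussed in this thread, added here as an example and not taken from the issue or from boulder's code: extension and algorithm identifiers stay `asn1.ObjectIdentifier`, policy identifiers use `x509.OID` (Go 1.22 or later). Assumptions: all variable and function names are hypothetical, and the policy OID 2.23.140.1.2.1 (CA/Browser Forum domain-validated) does not appear in the issue; the other three OID values are the ones quoted above.

```go
package main

import (
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"slices"
)

// Extension and algorithm OIDs (the three values quoted in the issue) keep
// asn1.ObjectIdentifier, the type of pkix.Extension.Id.
var (
	ExtIssuingDistributionPoint = asn1.ObjectIdentifier{2, 5, 29, 28}
	ExtOCSPNoCheck              = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 48, 1, 5}
	HashSHA256                  = asn1.ObjectIdentifier{2, 16, 840, 1, 101, 3, 4, 2, 1}
)

// Policy OIDs use x509.OID (Go 1.22+), the element type of Certificate.Policies.
// Assumption: 2.23.140.1.2.1 (CA/Browser Forum domain-validated) is not from the issue.
var PolicyDomainValidated = mustOID(2, 23, 140, 1, 2, 1)

func mustOID(arcs ...uint64) x509.OID {
	oid, err := x509.OIDFromInts(arcs)
	if err != nil {
		panic(err) // only reachable with a malformed literal above
	}
	return oid
}

// FindExtension returns the extension with the given id, if present.
func FindExtension(exts []pkix.Extension, id asn1.ObjectIdentifier) (pkix.Extension, bool) {
	if i := slices.IndexFunc(exts, func(e pkix.Extension) bool { return e.Id.Equal(id) }); i >= 0 {
		return exts[i], true
	}
	return pkix.Extension{}, false
}

// HasPolicy reports whether policies contains want.
func HasPolicy(policies []x509.OID, want x509.OID) bool {
	return slices.ContainsFunc(policies, want.Equal)
}

// Constructed sample: one ocsp-nocheck extension whose value is DER NULL.
var sampleExts = []pkix.Extension{{Id: ExtOCSPNoCheck, Value: []byte{0x05, 0x00}}}

func main() {
	_, ok := FindExtension(sampleExts, ExtOCSPNoCheck)
	fmt.Println(ok, HasPolicy([]x509.OID{PolicyDomainValidated}, PolicyDomainValidated))
}
```

Where the two types have to be compared directly, `x509.OID` provides `EqualASN1OID`.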