Extend status-object support beyond CRL-only generation #12

Open
opened 2026-03-24 18:04:35 +01:00 by galambos · 0 comments
Owner

The current X.509 status object generator supports CRL generation only. The package and type system already model status objects more generally, but the BC implementation is currently CRL-focused.

Why this matters

For enterprise PKI maturity, status handling should evolve toward a broader status-object strategy, potentially including OCSP or other status publication forms, even if CRL remains the first implementation.

Acceptance criteria

  • Define the intended scope of StatusObjectType in the X.509 runtime.
  • Decide whether OCSP is in-scope for the next phase.
  • Keep the framework-neutral status abstraction while making X.509 capabilities explicit.
  • Ensure compatibility with publication targets and future ACME flows.
galambos added this to the PKI Foundation Hardening and Regulated Operations Roadmap project 2026-03-24 18:56:06 +01:00
Reference: Egothor/ZeroEcho#12