Sorry for a late reply, and also a largely useless one:
Your addition looks very interesting and warrants a reaction. Problem
is I don't know very much of CSR's so I can't give much feedback.
JCRM <<pike[at]quick-hacks.co.uk>> wrote:
/.../
> I think I may do a bit of a rewrite of this. Under different uses many
> of the fields in a certificate request are optional including the
> distinguishedName, so I think a new approach is is order:
>
> Sequence build_certificate_request(Crypto RSA.key, mapping (string :
> mixed) csr_parts, void | array (int) version_min_max)
>
> Where the string part of the mapping corresponds to the certificate part
> (version, name, attributes, &c). This approach would make it easier to
> extend in future (not that is is likely to change now...)
That sounds like a good idea.
|