Matt Cooper
Matt Cooper
I agree, it's not broken. Although there is no such thing as a v3 at this time, it is not the least bit harmful to accept the value in a...
I tracked it down to use of urlunsplit from urllib/parse.py. If I add 'ldap' to its uses_netloc list, then it produces the correct output. urllib has no specific support for...
Thanks Will, using .contents is in fact exactly what I did on the read side. The reason this behavior became more problematic for me was the tbs.dump(force=True) resulted in an...
I do have that band-aide.. not sure runtime modification of urllib's behavior rises to the level of fix? All I did was add this: ``` import urllib.parse if 'ldap' not...
If I'm reading your changes correctly, you've created a validation mode that isn't described in the standards. Point in time validation requires valid revocation data from that point in time,...
@djpackham My understanding is this tool was supposed to be for checking conformance with FPKI profiles so submitted cert samples are more likely to pass review. I'd think automatically comparing...
I added profile info to the configuration file to facilitate display of profile version/date, possibly for selection UI. Don't plan to move the needle on this more until things are...
That's definitely a big 180 from the kind of human readable html single cert output we've talked about. The original purpose of this tool was to check a sample cert...