You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The create-csr function uses the rcgen crate. We need to investigate whether there is an alternative way to implement this functionality without using that crate, relying instead on something like openssl. This is to avoid having a growing number of crypto-function-related libraries being consumed.
Details
This is an investigation - we need to look at what rcgen is providing and see whether equivalent functions are readily obtainable from more standard security libraries such as openssl or in other crates that were previously being consumed before the rcgen dependency was added. However, at time of writing, there is no integration between openssl and Parsec, so any use of openssl would just be to help create CSR data in the correct format. We would still need a way to call into Parsec to do the signing with the private key.
Definition of Done
DoD would be to have an understanding of how feasible it would be to implement CSR in a different way, with some approximate plan of attack and estimation of the size of the work.
The text was updated successfully, but these errors were encountered:
Summary
The
create-csrfunction uses the rcgen crate. We need to investigate whether there is an alternative way to implement this functionality without using that crate, relying instead on something like openssl. This is to avoid having a growing number of crypto-function-related libraries being consumed.Details
This is an investigation - we need to look at what
rcgenis providing and see whether equivalent functions are readily obtainable from more standard security libraries such as openssl or in other crates that were previously being consumed before thercgendependency was added. However, at time of writing, there is no integration between openssl and Parsec, so any use of openssl would just be to help create CSR data in the correct format. We would still need a way to call into Parsec to do the signing with the private key.Definition of Done
DoD would be to have an understanding of how feasible it would be to implement CSR in a different way, with some approximate plan of attack and estimation of the size of the work.
The text was updated successfully, but these errors were encountered: