This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author christian.heimes
Recipients Lukasa, alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, vstinner
Date 2016-09-01.10:32:12
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1472725933.13.0.277192504527.issue27691@psf.upfronthosting.co.za>
In-reply-to
Content
A GEN_RID is an OID plus some opaque data. It's up to an application to understand an OID and interpret its data. The value of a GEN_RID can be as simple as an int or UTF-8 strings or as complex as a nested ASN.1 struct for Kerberos principals.

I have modified Lib/test/make_ssl_certs.py to include two GEN_RIDS: 

  otherName.1 = 1.2.3.4;UTF8:some other identifier
  otherName.2 = 1.3.6.1.5.2.2;SEQUENCE:princ_name

  [princ_name]
  realm = EXP:0, GeneralString:KERBEROS.REALM
  principal_name = EXP:1, SEQUENCE:principal_seq
  [principal_seq]
  name_type = EXP:0, INTEGER:1
  name_string = EXP:1, SEQUENCE:principals
  [principals]
  princ1 = GeneralString:username

1.3.6.1.5.2.2 is the OID for Kerberos public key init (pkinit), used for e.g. FAST pre-auth and SmartCard authentication.
History
Date User Action Args
2016-09-01 10:32:13christian.heimessetrecipients: + christian.heimes, janssen, pitrou, vstinner, giampaolo.rodola, alex, dstufft, Lukasa
2016-09-01 10:32:13christian.heimessetmessageid: <1472725933.13.0.277192504527.issue27691@psf.upfronthosting.co.za>
2016-09-01 10:32:13christian.heimeslinkissue27691 messages
2016-09-01 10:32:12christian.heimescreate