[Mono-dev] Question about Mono.Security.X509

Sebastien Pouliot sebastien.pouliot at gmail.com
Fri Jun 13 07:34:45 EDT 2008 

Hello David,

On Fri, 2008-06-13 at 02:08 -0400, David Isaac Wolinsky wrote:
> Attached is a patch to allow creation of the SubjectAltName Extension 
> using X509CertificateBuilder.  There are some unit tests and I confirmed 
> using openssl, System.Security.Cryptography.X509Certificates, and 
> Mono.Security.X509 to read the certificates.
> 
> I also went ahead and fixed the IP Address code and again confirmed it 
> worked with openssl.  Please let me know if there needs to be more unit 
> tests, I would like to believe that I didn't really add anything 
> substantial that needed more thorough testing than what I did.

Nice :-)

> Are there any code freezes in Mono?  

Next code freeze is scheduled for July 14th in preparation for Mono 2.0.

> Or will this appear in the next released version

It should be in the "preview release" leading to Mono 2.0. Actual,
non-preview, release is planned in September.

>  (assuming you're happy with the patch?).

I'll review it and let you know soon. Anyway we are likely to have time
to fix any issue before the branch.

> Regards,
> David
> 
> Sebastien Pouliot wrote:
> > Hello David,
> >
> > On Thu, 2008-06-12 at 14:26 -0400, David Wolinsky wrote:
> >   
> >> Is anyone working on X509CertificateBuilder.  
> >>     
> >
> > AFAIK no one. The actual class does everything that mono itself requires
> > (mostly implementing the makecert tool).
> >
> >   
> >> I am putting together a 
> >> little work to add a single URI to SubjectAltName and add the extension 
> >> to the CertificateBuilder.  It appears to work in both .Net and Mono.  
> >> They were able to properly read the certificate and Identify the 
> >> SubjectAltName.  If someone is working on this, how much more robust 
> >> would you want this before you would take it in as a patch?
> >>     
> >
> > Mono.Security is stable so any change must be forward compatible (e.g.
> > adding new stuff is possible but changing existing API is unlikely to be
> > possible).
> >
> > Also any new features should come with unit tests to make sure any
> > future change won't break them.
> >
> > Other than this it's as simple as posting your patch for review on this
> > list (as long as you're willing the code to be available under the MIT
> > X11 license).
> >
> > Thanks!
> > Sebastien
> >
> >
> >
> >   
>

More information about the Mono-devel-list mailing list