Re: [PHP-DEV] Re: PR #5251 adds support for CMS (RFC5662)

This is only part of a thread. view whole thread
  110147
May 12, 2020 15:10 george.banyard@gmail.com ("G. P. B.")
On Mon, 11 May 2020 at 12:45, Christoph M. Becker <cmbecker69@gmx.de> wrote:

> On 11.05.2020 at 11:59, Eliot Lear wrote: > > > Hi everyone, > > > > I am new to the PHP development process, so please forgive me if I have > > this wrong. > > > > In PR #5251[1] I’ve created OpenSSL CMS functions that are nearly direct > > analogues to the openssl PKCS#7 functions. Cryptographic Message Syntax > > is defined in RFC 5652[2], and is a follow-on to PKCS#7. These > > functions are useful to developers who are creating or verifying > > PKI-based signatures (this is the case for me or anyone else who is > > implementing or deploying RFC 8520[3]), and there are other IoT services > > that are using CMS as well (not to mention certain modern mailing > systems). > > > > There are one or two changes- one can specify the encoding format as an > > argument, for instance, and error out out the use of DETACHED with > > S/MIME encoding, as nobody seems to know what that would mean. > > > > I’ve been working with Jakub and others who have been very generous with > > their time on code reviews. I would be grateful for any additional > > feedback you would have, with an eye toward merging this PR. The PR is > > already marked as RFC I have not yet formalized that.(*) > > > > Best regards, > > > > Eliot > > > > (*) I tried adding an RFC page on the wiki, but sensibly, as I just > > created the account, the system did not permit me to do so. > > > > [1] https://github.com/php/php-src/pull/5251 > > [2] https://www.rfc-editor.org/rfc/rfc5652.html > > [3] https://www.rfc-editor.org/rfc/rfc8520.html > > Thanks for working on CMS support! > > I have granted you RFC karma. Best of luck with the RFC. :) > > -- > Christoph M. Becker > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > > Does this really require an RFC?
This seems like just exposing some underlying functionality from OpenSSL to userland which I wouldn't have expected to need an RFC to be added. Best regards George P. Banyard
  110148
May 12, 2020 15:39 lear@lear.ch (Eliot Lear)
Hi!

On 12.05.20 17:10, G. P. B. wrote:
> Does this really require an RFC? > This seems like just exposing some underlying functionality from OpenSSL > to userland which I wouldn't have expected to need an RFC to be added.
Whether or not you wish to use the full process (voting and all) is not something I can comment on, but I will say that just writing out the RFC helped me realize that I could improve a few things in the code.  I also pretty much wrote out the documentation for the calling interface in the draft RFC.  I hope this will prove useful. Eliot