go1.22: Replace x509.Certificate.PolicyIdentifiers with Policies #7148
Assignees
Labels
starter
Ideal issues for folks getting familiar with Boulder
Comments
aarongable
added
the
starter
aarongable
pushed a commit
that referenced
this issue
Mar 10, 2025
Populate the new x509.Certificate.Policies field everywhere we currently populate the x509.Certificate.PolicyIdentifiers field. This allows Go to use whichever field it prefers (go1.23 prefers PolicyIdentifiers, go1.24 prefers Policies) as the source of truth when serializing a certificate. Part of #7148
|
Fixed by #7969 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The next version of go has a change to the crypto/x509 library which introduces a new
x509.OIDtype, and uses this type to power a newPoliciesfield on certificate objects. This field exists along-side the currentPolicyIdentifiersfield, which is of typeasn1.ObjectIdentifier.When we update to go1.22, we should update the CA and ceremony tool to use the new
Policiesfield instead ofPolicyIdentifiers.The text was updated successfully, but these errors were encountered: