On 25.08.2012 09:58, Ismail JH wrote: > I'm new here, and I would like to contribute in this bug: > Bug 663733 - > Add ability to generate signed OCSP responses for testing > > - Can this task be assigned to me ?
You are welcome to work on it and submit patches, as attachments to the bug. You have already mentioned your intention to work on it in the bug, that's good. People will know that your working on it, and avoid duplicate efforts and will know that they should coordinate with you. Yes, we could officially set the asignee field in that bug to you, but it's not yet required. We could do so once you attach your first work results to the bug. > - And can I get more description like (Source code, Destination OS, OCSP > client source code) etc.. ? Regarding the destination OS, the answer is "all". NSS is cross platform. I propose to start by reading https://developer.mozilla.org/en-US/docs/An_overview_of_NSS_Internals and https://developer.mozilla.org/en-US/docs/Getting_Started_With_NSS (I added another article to that page today). It would be best if you started by writing code that is able to create signed OCSP responses, signed by a root CA certificate. Once you have such code, I'd propose to take a look at the security/nss/cmd/httpserv, it's a minimal http test server built only using NSPR/NSS library code. I'd propose to extend it to read CA certificates from files, as specified using command line arguments, and whenever a request is received by httpserv that starts with "/ocsp?", then it should produce a result using the matching CA certificate. You could look at file ocsp.c for example templates and example encoding (of an OCSP request). It might also inpiring to look at the code contained in the patch attached to the bugzilla you have mentioned. Let us know if you have more specific questions. Thanks again for your interest! Best regards Kai -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
