Bug#988436: RFP: certlint -- X.509 certificate linter

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#988436: RFP: certlint -- X.509 certificate linter
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Wed, 12 May 2021 23:00:52 -0400
Message-id: <[🔎] 162087485264.966576.11109483950939848710.reportbug@alice.fifthhorseman.net>
Reply-to: Daniel Kahn Gillmor <dkg@fifthhorseman.net>, 988436@bugs.debian.org

Package: wnpp
Severity: wishlist

* Package name    : certlint
  Version         : 1.3.0
  Upstream Author : Rob Stradling <rob@sectigo.com>
* URL             : https://github.com/certlint/certlint
* License         : Apache 2.0
  Programming Lang: Ruby, C
  Description     : X.509 certificate linter

This linter identifies likely problems with X.509 certificates,
including ways that they can be out of compliance with RFCs, CABForum
baseline requirements, and other standards.

---

Note that this requires building of the asn1validator extension to
ruby, which is included in the repository (as C source, afaict).

This and zlint (#915788) are apparently the two dominant X.509
certificate checkers, according to Ryan Sleevi, who is in a good
position to know:

   https://twitter.com/sleevi_/status/1392120487749300226

Regards,

   --dkg

Reply to:

Follow-Ups:
- Bug#988436: RFP: certlint -- X.509 certificate linter
  - From: Paul Wise <pabs@debian.org>

Prev by Date: Processed: Re: RFP: zlint -- X.509 certificate linter
Next by Date: Bug#915788: RFP: zlint -- X.509 certificate linter
Previous by thread: Processed: Re: RFP: zlint -- X.509 certificate linter
Next by thread: Bug#988436: RFP: certlint -- X.509 certificate linter
Index(es):
- Date
- Thread