go/doc/next
Roland Shoemaker e8d9561997 crypto/x509: implement policy validation
Implement support for parsing the various policy related extensions,
and for validating the policy graph for chains.

Policy validation is only run if VerifyOptions.CertificatePolicies is
set. Policy validation is run after chains are built. If the computed
policy graph for a chain is invalid, the chain is removed from the set
of returned chains.

This implements the RFC 5280 algorithm as updated by
RFC 9618 [0].

Fixes #68484

[0] https://www.rfc-editor.org/rfc/rfc9618.html

Change-Id: I576432a47ddc404cba966c2b1995365944b8bd26
Reviewed-on: https://go-review.googlesource.com/c/go/+/628616
Auto-Submit: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
Reviewed-by: Daniel McCarney <daniel@binaryparadox.net>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
2024-11-22 01:28:52 +00:00
..
6-stdlib crypto/x509: implement policy validation 2024-11-22 01:28:52 +00:00
1-intro.md doc: initialize next directory for Go 1.24 2024-07-22 17:55:04 +00:00
2-language.md doc: initialize next directory for Go 1.24 2024-07-22 17:55:04 +00:00
3-tools.md cmd/go: re-enable build JSON from go test -json, now with GODEBUG 2024-11-19 02:39:44 +00:00
4-runtime.md doc: initialize next directory for Go 1.24 2024-07-22 17:55:04 +00:00
5-toolchain.md doc: document new restriction on cgo-generated method receiver types 2024-11-20 21:44:47 +00:00
7-ports.md doc/next: pre-announce dropping macOS 11 support 2024-11-15 16:11:06 +00:00