[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MirageOS-devel] Unix.tm, CLOCK: date handling in MirageOS

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA384

Daniel,

On 06/22/2015 17:40, Daniel BÃnzli wrote:
> Le lundi, 22 juin 2015 Ã 11:32, Hannes Mehnert a Ãcrit :
>> I provided sensible default values for validity times of a X.509 
>> certificate using Unix.tm/gmtime/time -- all of which are also 
>> available in the mirage CLOCK module type. Is there a way that
>> the X.509 library uses these symbols from the Unix module, and
>> mirage takes care that they're available (trivial in the non-xen
>> case, in the xen case I believe the OCaml runtime from
>> mirage-xen-ocaml needs to be modified slightly!?)?
> 
> Why isn't your validation procedure simply a function that takes
> the various components as labelled arguments (see the ASN1
> date_to_posix_time function). It may be a little bit less
> inconvenient than passing a Unix.tm record but that should do it
> (and you can have functions directly acting on the records in
> specific backends).

sorry for my wrong phrasing, it is not the validation of X.509
certificates I'm talking about [which takes a labelled ~time:float
when constructing the authenticator
https://github.com/mirleft/ocaml-x509/blob/naming/lib/x509.mli#L332],
but the generation (signing) of X.509 certificates.

Each certificate has a lifespan (expressed as tuple valid_from *
valid_until), passed into `sign` as labelled arguments (see
https://github.com/mirleft/ocaml-x509/blob/naming/lib/x509.mli#L240).

The issue is rather that a more convenient interface nowadays would
need to live in x509.unix or wherever, which due to the equality of
CLOCK.tm and Unix.tm is rather pointless (and as Anil mentioned,
providing tm behind CLOCK is rather tedious).  Since I'm not aware of
all the OCaml libraries, I wanted to see whether a small pure calendar
library already exists in OCaml (because I expect others: irmin, imap,
... to face the same issue).


Thanks,

Hannes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCQAGBQJViDI6AAoJELyJZYjffCjuvj4P/1kuLaUPaJ2UR0kK6CYhK62h
5Tf4JqXiux8G4tjlt2G3pJf6puaQim2AsagnvdWffJelSI8P6sCzFclXoU0K9c/g
zvMdn6mzKQNJfJSkI+d8/nYyFmwCUdq0gDlwQHar/zhAitJ1ms1x2qCVFf64NvcN
hQR7rXl1qVZ8IgAiscI5uvk339B/B0Q9TzRA1pASpMCf8ub15DXrRo+DB1Bu5VYx
wG34AinyfEX8egFqepfc4FqugM4H/CFHuI/Fr2nVGmGF9bEzQCKunCHF83Xa2YqI
Qcd4hrHXSnQH2sQnUEUCDkBcLPlZc5C7LRm1qzRvsAV3uGtZdowcppyTp3Yln8at
l0yYgjjkCGH6wwGWQvOqkFv7ni+rJefB+sNCSX1iTlOZuLfWIuDQa5BFFR6Z5yox
J3ncIUxFuqdjLMmhHmu7QRSxQbCKKtTGxsZyq6sCpwdM9DRXNG8QA8dMCwuoUWVn
GOZ7afV5Juxq+FZAfAJaq47VgM3wuZvBlk1/xG6IOetMScmgBQpJrMMK/aRtDges
E0VaSv4hDbfLOlfvjcirtqXO0tJik1vx3XNjZEk8M51dBE3/88EOEJfYp75A56ZW
sdg1I7G8xNc3xeINX16j1zBuloQ3Rm/62ZWiLewyjVSv/S24KJrNkOEHwCCLLuU7
UbdyZp6hFxWHkexQJWK1
=gdwM
-----END PGP SIGNATURE-----

_______________________________________________
MirageOS-devel mailing list
MirageOS-devel@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.