CRMF support (Certificate Request Message Format)

[McLaynV]

Is your feature request related to a problem? Please describe.
It would be nice to support not only CSR (PKCS#10), but also CRMF as described in RFC 4211

Describe the solution you'd like
Add support for CRMF. Probably in the key context menu "Generate CSR" (generating the request) or "Sign" (signing the request with another key).

Describe alternatives you've considered

Additional context

• I've seen the CRMF used in German CAs and it seems better than CSR in many ways
• The OpenSSL CRMF support was added in OpenSSL 3.0.
• Bouncy Castle supports CRMF

[kaikramer]

I am really not sure what to think about this. This format is quite exotic and probably only very few KSE users would actually benefit from this feature. I am currently considering to remove SPKAC for this very reason.

Let's do a little poll: If anyone else would like to see CRMF support in KSE, then give this comment a thumbs-up.

Also, is anyone interested in working on this feature or at least parts of it (UI/backend)?

[McLaynV]

Thanks for considering.

I agree it is exotic and I have actually seen more CAs use their proprietary request formats that implement the CRMF features, than how many CAs I have seen supporting CRMF. (Which is a shame, but probably not anything we could change.)