Referring to the fix for the below issue:
This would be more appropriate as a discussion within that issue but it has been locked due to age so I am posting here.
There is currently a restriction in Go on oid sub-identifiers in an x509 certificate OID that they must be < 31 bits. Is there any intent to ever change that restriction?
We have a customer who wants to use certificates provided by their IT department. Their internal CertificatePolicyID which is set in their certs has a sub-identifier in the OID which would need a 64 bit int to represent. This certificate is accepted by other components in our product (mostly java based) but gets rejected by a small service we have running in Go.