another one for client certificates
Goetz Babin-Ebell
goetz at shomitefo.de
Fri Sep 12 16:56:36 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Johannes Rußek wrote:
| Hi Guys,
Hello Johannes,
| I'm trying to patch tls.c to make it able to pick different attributes
| in the client cert to authenticate from and will also try to update the
| openssl api in use if i get a bit help there.
While I'm very short of time (and quite lazy when I do have some),
I'm willing to look into it...
| if anyone else is using client certs and would lik to use them for cyrus
| auth, which attributes would you use?
| so far i came up with the current default commonName, the the userId
| (UID) and pkcs9 email for virtual domains.
| Anything else?
Do you also plan to look into the subjectAltName extension ?
Goetz
- --
DMCA: The greed of the few outweighs the freedom of the many
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4-svn0 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIyteD2iGqZUF3qPYRAu8TAJ4hqb/pvY+ClGMxIgNtyoYoshxmLgCePY2Y
Nt/RdmhoHjPUiRn07yyu2xw=
=na5Q
-----END PGP SIGNATURE-----
More information about the Info-cyrus
mailing list