httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yann Ylavic <ylavic....@gmail.com>
Subject Re: Using UPN from subjectAltName with SSLUserName
Date Thu, 18 Jun 2015 10:22:21 GMT
On Thu, Jun 18, 2015 at 11:49 AM, Jan Pazdziora <jpazdziora@redhat.com> wrote:
>
> I'd appreciate any comments about suitability of such change, as well
> as the implementation. Specifically, I'm not sure if people will
> prefer the generic and currently proposed
>
>         SSL_CLIENT_SAN_otherName_n
>
> which gets any value of otherName type, or perhaps going with
>
>         SSL_CLIENT_SAN_UPN_n
>
> and checking the OID just for the UPNs. Based on that decision I plan
> to then respin the patch with documentation changes included.

I think a more generic way would to have something like
SSL_CLIENT_OID_<oid>_n, so that we wouldn't have to add a new field
each time.
In this case, that would be: SSL_CLIENT_OID_1.3.6.1.4.1.311.20.2.3_n.

Regards,
Yann.

Mime
View raw message