Re: [exim] tls_verify_hostname

Page principale
Ce message fait partie du fil suivant :
M\Arborescence complète du fil triée par date
MMJeremy Harris à <-
MPhil Pennock à ->
Supprimer ce message
Répondre à ce message
Auteur: Jeremy Harris
Date:  
À: exim-users
Sujet: Re: [exim] tls_verify_hostname
On 2012-04-16 21:51, Jeremy Harris wrote:
> Agreed this is an issue. I'd like a string-expansion for testing a peer's cert
> against a specified name (using any of the CN + SAN-set, as it happens).
> Then where the name comes from is a separable policy item.

While I think of it, I'm also thinking of writing an authenticator which
(server-side only) accepts iff a TLS connection is present and the client
has presented a certificate valid for one of a given (as an authenticator
option) list of names.

Does this sound like a valid use-case for certificates?

--
Jeremy



Ce message a été envoyé sur les listes de diffusion suivantes :
Exim-users
Informations sur la liste de diffusion | Messages voisins		<-Re: [exim] tls_verify_hostnameRe: [exim] smarthost login failing->
Tahini and Hummus and Cumin Development Archives administré par cumin AdminsLurker (version 2.3)