Re: [exim] tls_verify_hostname

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Phil Pennock
Ημερομηνία:  
Προς: Jeremy Harris
Υ/ο: exim-users
Αντικείμενο: Re: [exim] tls_verify_hostname
On 2012-04-16 at 22:24 +0100, Jeremy Harris wrote:
> While I think of it, I'm also thinking of writing an authenticator which
> (server-side only) accepts iff a TLS connection is present and the client
> has presented a certificate valid for one of a given (as an authenticator
> option) list of names.
>
> Does this sound like a valid use-case for certificates?


I think this is normally done with EXTERNAL, so that the client still
requests AUTH within the SASL framework.

I'd have thought it could be accomplished with "plaintext", ignoring
what's sent by the client and just looking at $tls_* variables, but I
might be wrong.

-Phil