[Date Prev][Date Next] [Chronological] [Thread] [Top]

ITS#5789 using IP address in CN with GnuTLS

To: openldap-its@OpenLDAP.org
Subject: ITS#5789 using IP address in CN with GnuTLS
From: hyc@symas.com
Date: Tue, 20 Jan 2009 21:45:14 GMT

Upon further re-reading of RFC4513 and RFC2818, I think the original behavior 
was correct. An IP address is only allowed to match an IP Address 
subjectAltName, it is not allowed to match the certificate CN.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: Re: (ITS#5860) slapd memeory leak under openldap 2.4
Next by Date: Re: (ITS#5894) test039 fails: ldap_back_conn_delete: Assertion
Index(es):
- Chronological
- Thread