[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
authmeth-17 notes
Sorry to be so late...
>3.1.2. Client Certificate
> If a client that has provided a suitable certificate subsequently
> performs a Bind operation using the SASL EXTERNAL authentication
> mechanism (section 5.2.1), information in the certificate may
> be used by the server to identify and authenticate the client.
Why was "may subsequently be used" changed to "may be used" here?
3.1.3.1. Comparison of DNS Names
> That is, the subject
> *.example.com matches the server names a.example.com and
> b.example.com but not the server name example.com.
This example lost one case since authmeth-16. I suggest:
> That is, the subject
> *.example.com matches the server name a.example.com, but not
> the server names example.com and b.a.example.com.
More of the TLS vs anonymous discussion follows.
--
Hallvard