1 Jul
2009
1 Jul
'09
2:14 p.m.
Martin Schneider wrote:
We need also authorization. So we want to
1.) check if the certificate is signed by a "trusted ca"
That is done by the normal certificate validation process.
2.) check if the username x in the certificate is "known"
What does that mean? If the CA signed the certificate, then the usename is known. Why would the CA sign a certificate for an unknown user?
3.) check if the user with name x is authorized to access the service.
That can be done with RADIUS. Alan DeKok.