5 May
2016
5 May
'16
11:24 a.m.
On May 5, 2016, at 11:06 AM, Arran Cudbard-Bell <a.cudbardb@freeradius.org> wrote:
Where the peer identity represents a host, a subjectAltName of type dnsName SHOULD be present in the peer certificate. Where the peer identity represents a user and not a resource, a subjectAltName of type rfc822Name SHOULD be used, conforming to the grammar for the Network Access Identifier (NAI) defined in Section 2.1 of [RFC4282]. If a dnsName or rfc822Name are not available, other field types (for example, a subjectAltName of type ipAddress or uniformResourceIdentifier) MAY be used.
OK.. so another one of the million fields available in the cert. <sigh> Alan DeKok.