TLS: assigning certificates to username
Alan DeKok
aland at deployingradius.com
Thu May 5 17:24:08 CEST 2016
On May 5, 2016, at 11:06 AM, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
>
> Where the peer identity represents a host, a subjectAltName of type
> dnsName SHOULD be present in the peer certificate. Where the peer
> identity represents a user and not a resource, a subjectAltName of
> type rfc822Name SHOULD be used, conforming to the grammar for the
> Network Access Identifier (NAI) defined in Section 2.1 of [RFC4282].
> If a dnsName or rfc822Name are not available, other field types (for
> example, a subjectAltName of type ipAddress or
> uniformResourceIdentifier) MAY be used.
OK.. so another one of the million fields available in the cert. <sigh>
Alan DeKok.
More information about the Freeradius-Users
mailing list