help-gnutls
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnutls] Re: Verifying subjectAltNames

From: Matthias Wimmer
Subject: [Help-gnutls] Re: Verifying subjectAltNames
Date: Mon, 12 Feb 2007 15:06:22 +0100
User-agent: Thunderbird 1.5.0.9 (X11/20070103) 
Simon Josefsson schrieb:

Matthias Wimmer <address@hidden> writes:


A okay, I did not read this paragraph at the first time. I think it
should be stripped as it is also stripped when non-otherName values
are returned.


I agree, and I have changed this.  Data for known otherName OID's
should now be decoded.  In the future, it won't be possible to decode
all data, I think, since they may be structured, but we'll handle that
problem when it comes to it.  This data happened to be non-structured.

'certtool -i' on the jabber.org XMPP certificate will now say:

                Subject Alternative Name (not critical):
                        XMPP Address: jabber.org
                        DNSname: jabber.org
                        DNSname: *.jabber.org


Yes that's better and looks okay now. :-)


Matthias
reply via email to
[Prev in Thread] Current Thread [Next in Thread]