[ipxe-devel] Proposed patch: support for SSL subjectAlternativeName certificates, two other useful features
jarrod.b.johnson at gmail.com
Mon Mar 31 21:08:23 UTC 2014
What about iPAddress fields (see my patch earlier in thread)?
On Mon, Mar 31, 2014 at 9:17 AM, Michael Brown <mcb30 at ipxe.org> wrote:
> On 25/11/13 19:12, Alex Chernyakhovsky wrote:
>> Are there any other comments or concerns with this patchset? I'd love to
>> see it merged.
> The subjectAltName and wildcard certificate feature is now pushed:
> I'm unsure how subjectAltName is intended to be used with CMS (code
> signing). The current code will accept either the commonName or any
> dNSName-typed subjectAltName as a match for a certificate name, for both
> TLS and CMS. It seems plausible that CMS might expect to match on e-mail
> addresses (rfc822Name) rather than DNS names (dNSName), but I can't find
> any definitive documentation on this. Any input welcome.
> ipxe-devel mailing list
> ipxe-devel at lists.ipxe.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ipxe-devel