Thanks Matt.
Em 23/05/2014 19:36, Matt Caswell via RT r...@openssl.org escreveu:
Hi Luiz
Thanks for the patch. I've reviewed it and it looks good. With regards to
your
comments around X509_V_ERR_PERMITTED_VIOLATION vs
X509_V_ERR_UNSUPPORTED_NAME_SYNTAX, I think you did it right.
Thanks Matt.
Em 23/05/2014 19:36, Matt Caswell via RT r...@openssl.org escreveu:
Hi Luiz
Thanks for the patch. I've reviewed it and it looks good. With regards to
your
comments around X509_V_ERR_PERMITTED_VIOLATION vs
X509_V_ERR_UNSUPPORTED_NAME_SYNTAX, I think you did it right.
Hi Luiz
Thanks for the patch. I've reviewed it and it looks good. With regards to your
comments around X509_V_ERR_PERMITTED_VIOLATION vs
X509_V_ERR_UNSUPPORTED_NAME_SYNTAX, I think you did it right.
Therefore:
Hello,
As this is my first opessl patch, I might have missed something.
This patch is important for those who wants to use name constraints in a CA.
Using name constraints for DNS prevents the use of an ip address in DNS
subjAltName.
The subjAltName using ipAddress solves the problem, but it was
Hello,
As this is my first opessl patch, I might have missed something.
This patch is important for those who wants to use name constraints in a CA.
Using name constraints for DNS prevents the use of an ip address in DNS
subjAltName.
The subjAltName using ipAddress solves the problem, but it was
Thanks Matt,
Sent to r...@openssl.org. However, I didn't see it in http://rt.openssl.org/.
Is it supposed to update realtime?
Regards,
---
Luiz Angelo Daros de Luca, Me.
luizl...@gmail.com
2014-05-03 17:15 GMT-03:00 Matt Caswell fr...@baggins.org:
On 3 May 2014 18:52,
On 5 May 2014 18:06, Luiz Angelo Daros de Luca luizl...@gmail.com wrote:
Thanks Matt,
Sent to r...@openssl.org. However, I didn't see it in http://rt.openssl.org/.
Is it supposed to update realtime?
It can take some considerable time to come through sometimes.
Matt
From: Luiz Angelo Daros de Luca luizl...@tre-sc.gov.br
OpenSSL is able to generate a certificate with name constraints with any
possible
subjectAltName field. The Name Contraint example in x509v3_config(5) even use IP
as an example:
nameConstraints=permitted;IP:192.168.0.0/255.255.0.0
On 3 May 2014 18:52, luizl...@gmail.com wrote:
From: Luiz Angelo Daros de Luca luizl...@tre-sc.gov.br
OpenSSL is able to generate a certificate with name constraints with any
possible
subjectAltName field. The Name Contraint example in x509v3_config(5) even use
IP
as an example:
From: Luiz Angelo Daros de Luca luizl...@tre-sc.gov.br
OpenSSL is able to generate a certificate with name constraints with any
possible
subjectAltName field. The Name Contraint example in x509v3_config(5) even use IP
as an example:
nameConstraints=permitted;IP:192.168.0.0/255.255.0.0
10 matches
Mail list logo
