On Thu, Jun 18, 2015 at 11:49 AM, Jan Pazdziora <jpazdzi...@redhat.com> wrote:
> I'd appreciate any comments about suitability of such change, as well
> as the implementation. Specifically, I'm not sure if people will
> prefer the generic and currently proposed
>         SSL_CLIENT_SAN_otherName_n
> which gets any value of otherName type, or perhaps going with
>         SSL_CLIENT_SAN_UPN_n
> and checking the OID just for the UPNs. Based on that decision I plan
> to then respin the patch with documentation changes included.

I think a more generic way would to have something like
SSL_CLIENT_OID_<oid>_n, so that we wouldn't have to add a new field
each time.
In this case, that would be: SSL_CLIENT_OID_1.


Reply via email to