On 12.12.2016 13:49, Fraser Tweedale wrote:
(This is a tangential discussion, but...)
On Mon, Dec 12, 2016 at 09:52:02AM +0100, Jan Cholasta wrote:
IMO profile ID should default to caIPAserviceCert on the client as well.
NACK. Default profile (although fixed at the present time) should
be considered server-side policy. If we eventually make it
configurable, we don't want older clients overriding it.
I didn't mean the default value should be overriden on the clients, just
that profile ID should stay optional on the client and use the default
profile ID when unspecified.
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code