On 12.12.2016 13:49, Fraser Tweedale wrote:
(This is a tangential discussion, but...)

On Mon, Dec 12, 2016 at 09:52:02AM +0100, Jan Cholasta wrote:
IMO profile ID should default to caIPAserviceCert on the client as well.

NACK.  Default profile (although fixed at the present time) should
be considered server-side policy.  If we eventually make it
configurable, we don't want older clients overriding it.

I didn't mean the default value should be overriden on the clients, just that profile ID should stay optional on the client and use the default profile ID when unspecified.


Thanks,
Fraser



--
Jan Cholasta

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to