URL: https://github.com/freeipa/freeipa/pull/490
Title: #490: certdb: use certutil and match_hostname for cert verification

HonzaCholasta commented:
Awesome indeed!

As for your suggestions to improve the validation, I completely agree with 
them, but the focus of this PR is to refactor the current validation not to use 
python-nss, which it delivers. Could you please file a ticket for the 
improvements, so that it gets more visibility and can be properly tracked?

See the full comment at 
Manage your subscription for the Freeipa-devel mailing list:
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to