On 28/06/2023 3:41 am, Howard Chu wrote:
The point of a certificate-based authentication system is not to have to
implement authentication rules
for each and every individual user.
It needn't be so fine grained. Just restrict the namespace of accepted
certs to that which the system integrator has authority over.
that CA should only be issuing certs to valid users. Ideally, the LDAP server
should be the CA
That is too opinionated for universal application. I am sure I am not
alone in choosing to use a public CA.
--
This email has been checked for viruses by AVG antivirus software.
www.avg.com
