In message
<!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAjcq+Jr1ZM0uhE4LmhWqqs+KAAAAQAAAAM8ESBPPNHkOg/[EMAIL
PROTECTED]> on Tue, 3 Jan 2006 00:33:45 +0100, [EMAIL PROTECTED] said:
mailinglists> I *have* read the RFC 3820 and the
mailinglists> doc/HOWTO/proxy_certificates.txt, however I am still not
mailinglists> sure about:
mailinglists>
mailinglists> - the language field: can someone explain the different
mailinglists> values (id-ppl-anyLanguage, id-ppl-inheritAll,
mailinglists> id-ppl-independent)?
Dear, they are explained as well as I can get them in section 3.8.2.
Basically, id-ppl-anyLanguage is the wildcard that matches anything,
id-ppl-inheritAll just says that the current proxy cert inherits
everything from the issuing proxy cert, and id-ppl-independent
inherits nothing from the issuing proxy cert.
The use is not well defined in the RFC, and I guess experience will
show how it will be used in reality. In the mean time, it looks like
a lot of people simply use id-ppl-anyLanguage.
mailinglists> - the policy field: what (and how) can be defined using it?
It can be defined by any content. It's up to the authenticating
application to defined what it should contain and how it should be
interpreted. For that reason, the value or its' interpretation are
not defined in the RFC. For all I care, you can have a bit of XML in
there following some nice rights DTD.
Cheers,
Richard
--
Richard Levitte [EMAIL PROTECTED]
http://richard.levitte.org/
"When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up."
-- C.S. Lewis
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
