Alon Bar-Lev wrote: > If you integrate into Microsoft trust providers, you should also > support CTL and such. So that the Domain/Computer policy will be > applied to OpenVPN. After a bit of googling, I can know *guess* what you mean. I'm no Microsoft expert or developer -and I don't want to be, to be honest- so correct me if I'm wrong. I think that my code already does that; the default certificate chain engine mentions CTLs[1] and how I could limit them so I can guess that they *are* used. If you (or anybody else) have access to a such domain, I would love some feedback to my patch.
Regards, Faidon 1: http://msdn2.microsoft.com/en-us/library/aa377184.aspx
