----- Original Message ----- From: "Rainer Gerhards" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Monday, May 26, 2008 3:26 PM Subject: Re: [Syslog] Some revised text for syslog TLS
> > > Please keep in mind that my message was related to the question if > > > there is a use case for using IPs inside a certificate. As I said > > > above, there is. > > > > Ok. Do you think this use case is important enough to keep this > > feature (checking IPAddress subjectAltName) as part of the "MUST > > implement" baseline? > > No, I don't think it is a MUST. > But I would like it to be a SHOULD. Tom Petch > > (Joe's latest text already has other forms of name comparison as > > optional: "Implementations MAY also support authorization based on > > other attributes. For example, the authorization of a device Serial > > Number against the SerialNumber portion of the Subject Distinguished > > Name [...]") > > This should take care of it well enough. > > Rainer > _______________________________________________ > Syslog mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/syslog _______________________________________________ Syslog mailing list [email protected] https://www.ietf.org/mailman/listinfo/syslog
