[Help-gnutls] Re: Verifying subjectAltNames
Matthias Wimmer
m at tthias.eu
Mon Feb 12 15:06:22 CET 2007
Simon Josefsson schrieb:
> Matthias Wimmer <m at tthias.eu> writes:
>
>
>> A okay, I did not read this paragraph at the first time. I think it
>> should be stripped as it is also stripped when non-otherName values
>> are returned.
>>
>
> I agree, and I have changed this. Data for known otherName OID's
> should now be decoded. In the future, it won't be possible to decode
> all data, I think, since they may be structured, but we'll handle that
> problem when it comes to it. This data happened to be non-structured.
>
> 'certtool -i' on the jabber.org XMPP certificate will now say:
>
> Subject Alternative Name (not critical):
> XMPP Address: jabber.org
> DNSname: jabber.org
> DNSname: *.jabber.org
>
Yes that's better and looks okay now. :-)
Matthias
More information about the Gnutls-help
mailing list