[Help-gnutls] Re: Verifying subjectAltNames

Matthias Wimmer m at tthias.eu
Mon Feb 12 15:06:22 CET 2007

Simon Josefsson schrieb:
> Matthias Wimmer <m at tthias.eu> writes:
>> A okay, I did not read this paragraph at the first time. I think it
>> should be stripped as it is also stripped when non-otherName values
>> are returned.
> I agree, and I have changed this.  Data for known otherName OID's
> should now be decoded.  In the future, it won't be possible to decode
> all data, I think, since they may be structured, but we'll handle that
> problem when it comes to it.  This data happened to be non-structured.
> 'certtool -i' on the jabber.org XMPP certificate will now say:
>                 Subject Alternative Name (not critical):
>                         XMPP Address: jabber.org
>                         DNSname: jabber.org
>                         DNSname: *.jabber.org

Yes that's better and looks okay now. :-)


More information about the Gnutls-help mailing list