Re: Trust intermediate CA for client certificates

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: Trust intermediate CA for client certificates
Дата
Msg-id 20920.1386015433@sss.pgh.pa.us
обсуждение исходный текст
Ответ на Re: Trust intermediate CA for client certificates  (Ian Pilcher <arequipeno@gmail.com>)
Ответы Re: Trust intermediate CA for client certificates
Список pgsql-hackers
Дерево обсуждения 
Ian Pilcher <arequipeno@gmail.com> writes:
> Yes.  And the problem is that there is no way to prevent OpenSSL from
> accepting intermediate certificates supplied by the client.  As a
> result, the server cannot accept client certificates signed by one
> intermediate CA without also accepting *any* client certificate that can
> present a chain back to the root CA.

Isn't that sort of the point?
        regards, tom lane

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Dimitri Fontaine
Дата:
Сообщение: Re: Extension Templates S03E11
Следующее
От: Stephen Frost
Дата:
Сообщение: Re: Extension Templates S03E11