@evanphx what do you think about having an SSL-implementation independent class for X.509 certificates? /cc @seancribbs @halorgium
-
-
Replying to @bascule
@bascule@seancribbs@halorgium I'm in favor of it. X509 was never designed for SSL (thus the weird extensions and CN usage).1 reply 0 retweets 0 likes -
Replying to @evanphx
@evanphx@seancribbs@halorgium perhaps it's something Krypt could provide /cc@_emboss_1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@seancribbs@halorgium@_emboss_ The problem will always be updating clients to use a new scheme.2 replies 0 retweets 0 likes -
Replying to @evanphx
@evanphx@seancribbs@halorgium@_emboss_ what I'm really looking for is a way to expose client certs via Webmachine that isn't OpenSSL1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@seancribbs@halorgium@_emboss_ What do you want? Just encryption? Do you want server authentication?1 reply 0 retweets 0 likes -
Replying to @evanphx
@evanphx@seancribbs@halorgium@_emboss_ client authentication via certificate: https://github.com/celluloid/reel/issues/94 …1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@seancribbs@halorgium@_emboss_ I'm not clear. Do you control the client and server and want a different enc/auth than SSL?2 replies 0 retweets 0 likes
@evanphx @seancribbs @halorgium @_emboss_ ala MySQL's REQUIRE SUBJECT (you'll have to ^F, sorry): https://dev.mysql.com/doc/refman/5.0/en/grant.html …
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.