@evanphx @seancribbs @halorgium perhaps it's something Krypt could provide /cc @_emboss_
@evanphx @seancribbs @halorgium @_emboss_ something like that, yeah. Possibly Krypt? ;)
-
-
@bascule@seancribbs@halorgium@_emboss_ Yeah. You can use any ASN.1 lib to decode the cert, then just pull the fields you want. -
@evanphx@seancribbs@halorgium@_emboss_ well more to the point I'd like to see a common way for Ruby web servers to expose the client cert -
@bascule@seancribbs@halorgium@_emboss_ Let's add it as a rack-ext. Inject the client cert subject as 'ssl.client.subject' into the env. -
@evanphx@seancribbs@_emboss_ and use the DirName? that seems good to me.@halorgium was thinking a hash of the Distinguished Name's parts -
@bascule@seancribbs@_emboss_@halorgium The full subject should be exposed since how to understand it will vary. -
@evanphx@seancribbs@_emboss_@halorgium what form should it take though? A special class? A hash? A string? Raw ASN.1? ;) -
@bascule@seancribbs@_emboss_@halorgium Imho, the script in normal form "cn=Evan,dc=phx,dc=io"
End of conversation
New conversation -
-
-
@bascule@evanphx@seancribbs@halorgium Just reading the certificate and its field is certainly possible. -
@_emboss_@evanphx@seancribbs@halorgium how should the subject (or possibly the entire certificate) be represented to end-users? -
@bascule@evanphx@seancribbs@halorgium Just for information, or something else? -
@_emboss_@evanphx@seancribbs@halorgium uniquely identifiying certificates for use with an authentication system -
@bascule I'd pass the whole certificate as binary. String representation of subject e.g. is shaky, subject to library interpretation. -
@_emboss_ isn't the Distinguished Name supposed to uniquely identify the certificate? -
@bascule It sure is, but the mapping OID<-> string key is not one-to-one, not fully standardized. Things like RFC4514 don't cover all OIDs. -
@bascule Had to reference DNs in XML once, ended up using the Base64 of the DER because .NET and Java would constantly confuse DNs :) - 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.