@evanphx @seancribbs @halorgium @_emboss_ what I'm really looking for is a way to expose client certs via Webmachine that isn't OpenSSL
@_emboss_ @evanphx @seancribbs @halorgium how should the subject (or possibly the entire certificate) be represented to end-users?
-
-
@bascule@evanphx@seancribbs@halorgium Just for information, or something else? -
@_emboss_@evanphx@seancribbs@halorgium uniquely identifiying certificates for use with an authentication system -
@bascule I'd pass the whole certificate as binary. String representation of subject e.g. is shaky, subject to library interpretation. -
@_emboss_ isn't the Distinguished Name supposed to uniquely identify the certificate? -
@bascule It sure is, but the mapping OID<-> string key is not one-to-one, not fully standardized. Things like RFC4514 don't cover all OIDs. -
@bascule Had to reference DNs in XML once, ended up using the Base64 of the DER because .NET and Java would constantly confuse DNs :) -
@bascule Sorry, hex, because Base64 wouldn't make for correct XML ids...hehe
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.