[PATCH] Mimic Key Usage and Basic Constraints from Tsantilas Christos on 2013-01-23 (squid-dev)

From: Tsantilas Christos <chtsanti_at_users.sourceforge.net>
Date: Thu, 24 Jan 2013 00:13:09 +0200

There are cases where the generated certificates do not mimic enough
properties and secure connection with the client fails. For example,
Squid does not mimic Key Usage extensions. Clients using GnuTLS (or
similar libraries that validate server certificate using those
extensions) fail to secure the connection with Squid.

This patch add mimicking for the following extensions, which are
considered as safe to mimic:
    * X509v3 Key Usage
    * X509v3 Extended Key Usage,
    * X509v3 Basic Constraints CA.

We would be happy to add more "safe to mimic" extensions if users
request (and vouch for) them.

This is a Measurement Factory project

Regards,
Christos

text/x-patch attachment: mimic-key-usage-basic-constrains-v2.patch

Received on Wed Jan 23 2013 - 22:13:18 MST

This archive was generated by hypermail 2.2.0 : Mon Jan 28 2013 - 12:00:12 MST