If there is not any objection I will commit this patch to trunk later today.
On 01/24/2013 12:13 AM, Tsantilas Christos wrote:
> There are cases where the generated certificates do not mimic enough
> properties and secure connection with the client fails. For example,
> Squid does not mimic Key Usage extensions. Clients using GnuTLS (or
> similar libraries that validate server certificate using those
> extensions) fail to secure the connection with Squid.
>
> This patch add mimicking for the following extensions, which are
> considered as safe to mimic:
> * X509v3 Key Usage
> * X509v3 Extended Key Usage,
> * X509v3 Basic Constraints CA.
>
> We would be happy to add more "safe to mimic" extensions if users
> request (and vouch for) them.
>
> This is a Measurement Factory project
>
> Regards,
> Christos
>
Received on Mon Jan 28 2013 - 09:45:26 MST
This archive was generated by hypermail 2.2.0 : Mon Jan 28 2013 - 12:00:12 MST