[Freeipa-devel] [PATCH] 0090, 0092..0094 cert-show: show subject alternative names
Petr Vobornik
pvoborni at redhat.com
Thu Aug 4 16:18:29 UTC 2016
On 07/22/2016 07:13 AM, Fraser Tweedale wrote:
> On Tue, Jul 19, 2016 at 08:50:34AM +0200, Jan Cholasta wrote:
>> Hi,
>>
>> On 14.7.2016 13:44, Fraser Tweedale wrote:
>>> Hi all,
>>>
>>> The attached patch includes SANs in cert-show output. If you have
>>> certs with esoteric altnames (especially any that are more than just
>>> ASN.1 string types), please test with those certs.
>>>
>>> https://fedorahosted.org/freeipa/ticket/6022
>>
>> I think it would be better to have a separate attribute for each supported
>> SAN type rather than cramming everything into subject_alt_name. That way if
>> you care only about a single specific type you won't have to go through all
>> the values and parse them. Also it would allow you to use param types
>> appropriate to the SAN types (DNSNameParam for DNS names, Principal for
>> principal names, etc.)
>>
>> Nitpick: please don't mix moving existing stuff and adding new stuff in a
>> single patch.
>>
> Updated patches attached.
>
> Patches 0092..0094 are refactors and bugfixes.
> Patch 0090-2 is the main feature (depends on 0092..0094).
>
> Thanks,
> Fraser
>
bump for review
--
Petr Vobornik
More information about the Freeipa-devel
mailing list