[Freeipa-devel] [freeipa PR#228][opened] cert-request: allow directoryName in SAN extension
frasertweedale
freeipa-github-notification at redhat.com
Thu Nov 10 11:53:56 UTC 2016
URL: https://github.com/freeipa/freeipa/pull/228
Author: frasertweedale
Title: #228: cert-request: allow directoryName in SAN extension
Action: opened
PR body:
"""
Allow directoryName in SAN extension if the value matches the
subject principal's DN in the IPA directory.
Fixes: https://fedorahosted.org/freeipa/ticket/6112
---
A bit of commentary about this feature: it was just a drive-by case
of "hey I could implement this in a way that I think makes sense".
Noone actually asked for it (yet).
Also, there is not agreement that using directoryName to carry the
DN of the subject is valid. On my part, I think it is obviously
valid, but see the original review thread for discussion:
https://www.redhat.com/archives/freeipa-devel/2016-August/msg00714.html
I had to rebase this commit and resolve conflicts, so now it is a PR
and it can age in oak on GitHub instead of the mailing list :)
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/228/head:pr228
git checkout pr228
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-pr-228.patch
Type: text/x-diff
Size: 1587 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20161110/fbf4b0f7/attachment.bin>
More information about the Freeipa-devel
mailing list