[rabbitmq-discuss] rabbitmq_auth_mechanism_ssl limitations

Massimo Paladin Massimo.Paladin at cern.ch
Thu Jul 7 17:17:24 BST 2011


Matthias, would you say there is no way to get this right?

In any case I think this implementation is not very useful since it takes
one CN (which one if multiple?) as username and limit to only one CA
signed certificates.

Cheers,
---
Massimo Paladin

email: massimo.paladin at gmail.com
website: http://www.mpaladin.com
flickr's page: http://flickr.com/photos/massimop



On Tue, Jul 5, 2011 at 4:21 PM, Matthias Radestock
<matthias at rabbitmq.com> wrote:
> Massimo,
>
> On 05/07/11 15:05, Massimo Paladin wrote:
>>
>> Looking at openssl there is an rfc which tells how to convert from asn.1
>> to string: http://www.ietf.org/rfc/rfc2253.txt
>
> It wouldn't be ASN.1 if there wasn't a more recent version of any given
> spec, in this case http://www.ietf.org/rfc/rfc4514.txt
>
> Anyway, the conversion specified therein is not isomorphic w.r.t.
> equivalence, i.e. two DNs which are considered equal (there are bunch of
> RFCs which define what that means) are not necessarily represented by the
> same string.
>
>
> Matthias.
>


More information about the rabbitmq-discuss mailing list