[rabbitmq-discuss] X.509 client authentication

• Previous message: [rabbitmq-discuss] X.509 client authentication
• Next message: [rabbitmq-discuss] More RabbitMQ tutorials available
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 10/01/11 10:35, Simon MacMullen wrote:
> I think the Java format is RFC 4514, which is more of a standard. What
> 'openssl x509 -subject' gives back isn't documented anywhere that I can
> see.

The openssl "-nameopt RFC2253" option produces standards-compliant output.

See http://www.lshift.net/blog/2007/10/30/whats-in-a-distinguished-name 
for a nice little primer on DNs and DN equivalence.

> So we'd want to answer questions like:
>
> * Since matching for some types of RDNs is case insensitive, should we
> covert these to lower case, upper case or what?
>
> * Since there are multiple ways to escape, which is canonical?

+ how to deal with multi-valued RDNs.


Matthias.

• Previous message: [rabbitmq-discuss] X.509 client authentication
• Next message: [rabbitmq-discuss] More RabbitMQ tutorials available
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]