x509v3-sign-rsa authentication type...
Kevin Stefanik
kstef at mtppi.org
Fri May 9 07:07:22 EST 2003
On Thursday 08 May 2003 02:05 pm, Markus Friedl wrote:
> On Thu, Apr 24, 2003 at 01:48:55PM -0400, Kevin Stefanik wrote:
> > I've seen a variety of patches on the list for supporting the x509v3
> > certificate authentication. Are there any plans to include any of these
> > in the official openssh?
>
> perhaps a simpler version.
I've been using Rouen's patch, quite happily, for a couple of weeks now. The
simpler patches didn't seem to be as full, e.g., lacking CRLs. From what I
saw, most of the complexity was in the x509 store. The actual changes to
openssh code didn't seem extreme. Or were they?
Would splitting out the x509 store somehow help? Maybe there's a way to split
the patch out into more digestible parts?
Thanks,
Kevin
More information about the openssh-unix-dev
mailing list