[sr-dev] TLS inspection for authentication

Jan Janak jan at ryngle.com
Thu May 26 05:03:10 CEST 2011


On Wed, May 25, 2011 at 16:34, Iñaki Baz Castillo <ibc at aliax.net> wrote:
> 2011/5/25 Jan Janak <jan at ryngle.com>:
>> One list is here:
>> http://sip-router.org/wiki/cookbooks/selects/devel
>
> Thanks Jan. Let me one question more:
>
> RFC 5280 states that when receiving a TLS certificate, each value of
> subjectAltName must be inspected and just taken in case its Type is
> "URI" or "DNS":
>
>  http://tools.ietf.org/html/rfc5922#section-7.1
>
> I'm not sure whether I can retrieve *all* (various) subjectAltName in
> the certificate (given the list of selects in your provided link). Is
> it possible? If so, how could I check its Type?

I don't remember implementing that, so it's probably not possible with
existing code. Nevertheless, it should be fairly easy to add.

-Jan



More information about the sr-dev mailing list