Re: [pkix] Fully Qualified Domain Name (FQDN) in DN and Name Constraints

Peter Sylvester <Peter.Sylvester@edelweb.fr> Tue, 10 April 2012 07:58 UTC

Hi,

Can someone describe how, in light of RFC 6125, one can effectively
construct name constraints that allow to only have services
mail, web, etc. to *.example.com, fallback to common name
included.

    C=NN; O="white rabbit";  cn="www.example.com"

Thanks.