Re: RFC 3207 (STARTTLS) question
Harald Tveit Alvestrand <harald@alvestrand.no> Thu, 01 September 2005 11:27 UTC
Date: Thu, 01 Sep 2005 12:38:45 +0200
From: Harald Tveit Alvestrand <harald@alvestrand.no>
To: t.schorpp@gmx.de, ietf-smtp@imc.org
Subject: Re: RFC 3207 (STARTTLS) question
Message-ID: <DFFFD9A367DB8FF02F4ED32A@B50854F0A9192E8EC6CDA126>
In-Reply-To: <4316C15E.6030705@gmx.de>
References: <3DE6D776E6459703EA102867@B50854F0A9192E8EC6CDA126> <4316C15E.6030705@gmx.de>

--On 1. september 2005 10:52 +0200 thomas schorpp <t.schorpp@gmx.de> wrote:

>> How does my server know which certificate to present to the client, so
>> that the above general rule is satisfied?
>
> by the requested peerDN. script or implement it.

which field specified in RFC 2246 do you mean? it would have to be sent in/with a ClientHello (since this is the only message that goes across before the server presents its certificate following a ServerHello), but there is no such field in the ClientHello message.

There's a proposal in draft-ietf-tls-rfc3546bis-01 to add a hostname, but that would hardly fit the name of "peerDN".

or did you mean the DN of the client? How would that help, given that any peer can send mail to any of the domains and addresses my server works for?

Harald
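
Added example, not part of the original message or of any mail server's code: a ClientHello parser showing what a server can learn before it has to pick a certificate. It assumes the server_name extension layout from RFC 3546 (extension type 0, name_type 0 = host_name); the function names, host names and certificate labels are hypothetical, and the sample hellos are constructed.

```python
import struct

def _take(buf, pos, n):
    """Return (buf[pos:pos+n], new position); reject short input."""
    if pos + n > len(buf):
        raise ValueError("truncated ClientHello")
    return buf[pos:pos + n], pos + n

def _vec(buf, pos, width):
    """Read a length-prefixed vector whose length field is `width` bytes."""
    raw, pos = _take(buf, pos, width)
    return _take(buf, pos, int.from_bytes(raw, "big"))

def server_name(hello):
    """Host name a client put in its ClientHello, or None if it sent none."""
    head, pos = _take(hello, 0, 4)
    if head[0] != 1:                       # handshake type 1 = client_hello
        raise ValueError("not a ClientHello")
    body, _ = _take(hello, pos, int.from_bytes(head[1:], "big"))
    _, pos = _take(body, 0, 2 + 32)        # client_version, random
    for width in (1, 2, 1):                # session_id, cipher_suites, compression_methods
        _, pos = _vec(body, pos, width)
    if pos == len(body):                   # RFC 2246 hello ends here: nothing names the server
        return None
    exts, _ = _vec(body, pos, 2)
    pos = 0
    while pos < len(exts):
        etype, pos = _take(exts, pos, 2)
        data, pos = _vec(exts, pos, 2)
        if etype == b"\x00\x00":           # extension type 0 = server_name
            names, npos = _vec(data, 0, 2)[0], 0
            while npos < len(names):
                ntype, npos = _take(names, npos, 1)
                name, npos = _vec(names, npos, 2)
                if ntype == b"\x00":       # name_type 0 = host_name
                    return name.decode("ascii").lower()
    return None

def sample_hello(host=None):
    """Constructed test input: minimal TLS 1.0 ClientHello, optionally with server_name."""
    body = b"\x03\x01" + bytes(32) + b"\x00" + b"\x00\x02\x00\x2f" + b"\x01\x00"
    if host is not None:
        entry = b"\x00" + struct.pack("!H", len(host)) + host.encode("ascii")
        sni = struct.pack("!H", len(entry)) + entry
        ext = struct.pack("!HH", 0, len(sni)) + sni
        body += struct.pack("!H", len(ext)) + ext
    return b"\x01" + len(body).to_bytes(3, "big") + body

def pick_certificate(hello, certs, default):
    """Hypothetical server-side choice: match the offered name, else fall back."""
    return certs.get(server_name(hello), default)
```

A hello without extensions yields None, so the server has only its default certificate to offer.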