(sorry about the null message.)
I am looking for a summary of people's experiences with using client
certs to authenticate end users to Unix services.
How are you mapping a client cert to a local Unix account name?
Are you using a field within the cert? If so, which one(s)? Are
different fields used for different services?
Or are you using some form of Certificate MApping Service which takes
a validated cert as input and returns a local account name? If so,
how are you implementing this service?
Are you issuing a single cert for multiple services? Or one cert per
service?
Thanks.
Jeffrey Altman * Sr.Software Designer * Kermit-95 for Win32 and OS/2
The Kermit Project * Columbia University
612 West 115th St #716 * New York, NY * 10025
http://www.kermit-project.org/k95.html * [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]