Victor Duchovni wrote:
The RFC recommends that one leave out the subject DN, and add a critical extension with altNames. This does not really explain how matching should work when the subject DN is present. HTTPS is not necessarily normative for STARTTLS with SMTP, but in the absence of other guidance, the HTTPS recommendations have been adopted in other application areas.
True; there is a fair amount of work going on in SIP that is based on the use of X.509 certs in HTTPS. - vijay -- Vijay K. Gurbani [EMAIL PROTECTED],research.bell-labs.com,acm.org} Bell Laboratories, Lucent Technologies, Inc. 2701 Lucent Lane, Rm. 9F-546, Lisle, Illinois 60532 (USA) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]