[Openswan dev] ID_DER_ASN1_DN change in 2.5.17, was Re: [Openswan Users] Openswan on Fedora 9

Michael Richardson mcr at sandelman.ottawa.on.ca
Wed Jun 11 17:42:56 EDT 2008

>>>>> "Tuomo" == Tuomo Soini <tis at foobar.fi> writes:
    Tuomo> In fact I might add relaxing this requirement is BAD because
    Tuomo> all other implementations require this and relaxin this
    Tuomo> requirement break interoperability with others.

  You can always comply with the requirement voluntarily.
  You can't go the other way.

  IKEv2 says that you are not supposed to lock the ID to the certificate

]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson, Sandelman Software Works, Ottawa, ON    |net architect[
] mcr at sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [

More information about the Dev mailing list