Page MenuHomeFreeBSD
Differential D26225

add an entry for X.509 certificate subjAltName otherName field
ClosedPublic
Actions

Authored by rmacklem on Aug 29 2020, 2:38 AM.
Tags
None
Referenced Files
Unknown Object (File)
Mar 18 2024, 4:48 PM
Unknown Object (File)
Feb 23 2024, 1:52 PM
Unknown Object (File)
Dec 20 2023, 12:14 AM
Unknown Object (File)
Dec 8 2023, 3:54 PM
Unknown Object (File)
Dec 3 2023, 11:55 PM
Unknown Object (File)
Nov 19 2023, 11:03 AM
Unknown Object (File)
Nov 17 2023, 5:34 PM
Unknown Object (File)
Nov 9 2023, 4:47 AM
View All 19 Files
Subscribers
gordon
imp
philip
pi

Details

Reviewers
phk
gordon
Commits
rS365309: Add entries for the OID used for NFS-over-TLS "user@domain".
Summary

The otherName component of the subjAltName field in an X.509
certificate needs to be identified by an Internet OID.

This entry creates 1.3.6.1.4.1.2238.1.1 as a subtree for these.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

rmacklem created this revision.Aug 29 2020, 2:38 AM
Herald added a subscriber: imp. · View Herald TranscriptAug 29 2020, 2:38 AM
rmacklem requested review of this revision.Aug 29 2020, 2:38 AM
Harbormaster completed remote builds in B33226: Diff 76333.Aug 29 2020, 2:38 AM
rmacklem updated this revision to Diff 76359.Aug 30 2020, 12:39 AM

I figure this file is as good a place to document the
subtree.

How does this patch look?
--> I intend to use 1.3.6.1.4.1.2238.1.1.1 for "user@domain"

subjAltName otherName entries.
Harbormaster completed remote builds in B33234: Diff 76359.Aug 30 2020, 12:39 AM
rmacklem updated this revision to Diff 76366.Aug 30 2020, 3:38 PM

Added a REVISION entry similar to other MIB files.

Harbormaster completed remote builds in B33236: Diff 76366.Aug 30 2020, 3:38 PM
pi added a subscriber: pi.Aug 30 2020, 3:55 PM
phk added a comment.Sep 1 2020, 8:20 AM

Sorry about the delay, I have bounced this upstairs, to make sure I dont overlook any security implications from this.

philip added a subscriber: philip.Sep 1 2020, 9:10 AM
gordon added a subscriber: gordon.Sep 2 2020, 5:33 AM
gordon added inline comments.
FREEBSD-MIB.txt
51 ↗(On Diff #76366)

Per my email, I'd like to see better documentation to show this is meant for NFS otherwise it's not going to be clear over time why this is here.

rmacklem updated this revision to Diff 76577.Sep 3 2020, 1:40 AM

Although it is not really NFS specific, NFS is probably the
only use case that will happen in my lifetime, so define
it as NFS specific and comment w.r.t. where it is handled.

If a non-NFS use case shows up, a different # can be assigned.

Harbormaster completed remote builds in B33350: Diff 76577.Sep 3 2020, 1:40 AM
rmacklem marked an inline comment as done.Sep 3 2020, 1:42 AM

Modify the entry to be NFS specific and add a comment
w.r.t. where it is handled, per inline comment.

rmacklem added a reviewer: gordon.Sep 3 2020, 1:43 AM
gordon accepted this revision.Sep 3 2020, 3:28 AM

LGTM

This revision is now accepted and ready to land.Sep 3 2020, 3:28 AM
phk accepted this revision.Sep 3 2020, 6:01 AM
Closed by commit rS365309: Add entries for the OID used for NFS-over-TLS "user@domain". (authored by rmacklem). · Explain WhySep 3 2020, 8:43 PM
This revision was automatically updated to reflect the committed changes.
rmacklem added a commit: rS365309: Add entries for the OID used for NFS-over-TLS "user@domain"..

Revision Contents
Changeset List

PathSize
head/
share/
snmp/
mibs/
20 lines

Diff 76625

View Options

head/share/snmp/mibs/FREEBSD-MIB.txt

Loading...