I'm working on a server that will handle connections from clients on two different interfaces -- a public interface and a private one. What I would like to do is somehow encode into a certificate which interface the client is allowed to connect on. (I realize that there is no technical reason for a client preferring one interface over the other, but this is for a business/political reason. Clients allowed to connect via the private interface must be excluded from the public interface and vice versa.)

How would I go about encoding my own information into a certificate like this? I'm guessing it has something to do with OIDs, but I know nothing about creating my own.

I figure that if I could encode the allowed interface name into an OID, then during certificate validation I could compare that field to the interface they connected on.

If this is the right track, could someone direct me to the resources I should study for creating OIDs that don't create conflicts with existing OIDs?
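
The check described in this post, sketched as an added example that is not part of the original message: a custom X.509 extension under a private OID carries the allowed interface name, and the server compares it with the interface the client connected on. Assumptions: the OID uses the IANA Private Enterprise arc (1.3.6.1.4.1) with 99999 as a placeholder enterprise number, `issueCert` and `allowedOn` are hypothetical names, and the certificate is self-signed only to keep the example self-contained; in a deployment the issuing CA sets the extension and the server reads it only after the chain has verified.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)
var oidAllowedIface = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1} // 99999: placeholder PEN (assumption)

// issueCert returns a self-signed test certificate (DER) carrying iface in the custom extension.
func issueCert(iface string) ([]byte, error) {
	_, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	val, _ := asn1.MarshalWithParams(iface, "utf8") // extension value is a DER UTF8String
	tmpl := &x509.Certificate{
		SerialNumber:    big.NewInt(1),
		Subject:         pkix.Name{CommonName: "client.example"},
		NotBefore:       time.Now().Add(-time.Hour),
		NotAfter:        time.Now().Add(24 * time.Hour),
		ExtraExtensions: []pkix.Extension{{Id: oidAllowedIface, Value: val}},
	}
	return x509.CreateCertificate(rand.Reader, tmpl, tmpl, key.Public(), key)
}

// allowedOn reports whether the certificate names connectedIface; a missing extension denies.
func allowedOn(der []byte, connectedIface string) (bool, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return false, err
	}
	for _, ext := range cert.Extensions {
		if ext.Id.Equal(oidAllowedIface) {
			var iface string
			rest, err := asn1.Unmarshal(ext.Value, &iface)
			return err == nil && len(rest) == 0 && iface == connectedIface, err
		}
	}
	return false, nil
}

func main() {
	der, _ := issueCert("private")
	fmt.Println(allowedOn(der, "public"))
}
```

The extension is left non-critical here, so software that does not know the OID ignores it; the server-side comparison is what enforces the interface restriction.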
