Hi Arne, On Wednesday 06 March 2013 22:38:56 Arne Schwabe wrote: > I looked through these and I think they are okay. Since most users don't > know what RDN, RDN prefix and DN are an example like
I just sent a second version of 3/3 including examples in the man page, as you suggested. > Most user and certificates will probably use the second form with > subject. I also think that for standard x509 certificates it may be a > good option to also include name-suffix so you can do: > > verify-x509-name .blinkt.de name-suffix While this could be added, I'd rather wait until someone demands it strongly, as I think the "name-prefix" flags is of use for a very limited audience already and included mostly for compatibility with the --tls-remote feature set. Thanks for the review! Heiko
