You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/01/21 15:31:39 UTC
[jira] [Commented] (DISPATCH-200) Flexible mapping from x.509
certificates to an identity
[ https://issues.apache.org/jira/browse/DISPATCH-200?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15110652#comment-15110652 ]
ASF GitHub Bot commented on DISPATCH-200:
-----------------------------------------
GitHub user ganeshmurthy opened a pull request:
https://github.com/apache/qpid-dispatch/pull/42
DISPATCH-200 - Generated a unique identity from a client certificate…
… for the purpose of indexing into access policy
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/ganeshmurthy/qpid-dispatch DISPATCH-200
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/qpid-dispatch/pull/42.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #42
----
commit 64b9bc0a0e445e4ba70512ac02396d564c481380
Author: Ganesh Murthy <gm...@redhat.com>
Date: 2016-01-21T14:27:04Z
DISPATCH-200 - Generated a unique identity from a client certificate for the purpose of indexing into access policy
----
> Flexible mapping from x.509 certificates to an identity
> -------------------------------------------------------
>
> Key: DISPATCH-200
> URL: https://issues.apache.org/jira/browse/DISPATCH-200
> Project: Qpid Dispatch
> Issue Type: New Feature
> Components: Container
> Reporter: Ted Ross
> Assignee: Ganesh Murthy
> Fix For: 0.7
>
>
> x.509 certificates contain structured data. It is necessary to be able to generate a unique identity from a certificate for the purpose of indexing into access policy.
> The proposed feature will contain a descriptor that is part of an ssl-profile configuration that specifies the format and content of the identity in terms of the fields of a certificate.
> For example, the identity can be the certificate fingerprint, or the distinguished name, or the combination of more than one field.
> A further enhancement is to provide a secondary mapping from the above identity to a configured nickname. For example, a user may want to use the fingerprint as the identity field but wishes to write policy and view management data containing a more friendly "display" name rather than the raw fingerprint.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org