[foaf-protocols] This message should be signed

Kingsley Idehen kidehen at openlinksw.com
Mon Jun 22 18:31:59 CEST 2009


Toby A Inkster wrote:
> On 20 Jun 2009, at 09:26, Toby Inkster wrote:
>
>   
>> Some SSL error message came up in Evolution when sending it, but it
>> didn't give me the chance to stop it sending.
>>     
>
> I've been looking at Apple Mail's support for this too, but it  
> appears to only pick up on a certificate if the subjectAltName  
> exactly matches the mail account's e-mail address. Obviously that  
> can't work for FOAF+SSL keys as we've been using them so far.
>
> However, technically subjectAltName is a comma-separated list, so I  
> could have:
>
> subjectAltName=email:foo at example.com,URI:http://example.com/foo#me
>
> The CGI::Auth::FOAF_SSL module doesn't support subjectAltNames like  
> that, but I think that it probably should. I don't know whether Apple  
> Mail supports them either. I'll try to get around to experimenting  
> with this some more.
>
>   
Toby,

Nice spotting as per usual!

We should honor the format outlined by the spec re. subjectAltName. Even 
better bearing in mind that email addresses are bona fide indirect 
identifiers (IFPs).

Email spam death march is now in full progress :-)

-- 


Regards,

Kingsley Idehen	      Weblog: http://www.openlinksw.com/blog/~kidehen
President & CEO 
OpenLink Software     Web: http://www.openlinksw.com






More information about the foaf-protocols mailing list