Re: stupid question on LDAP support

From: Murray S. Kucherawy <msk_at_blackops.org>
Date: Fri, 19 Feb 2010 10:20:19 -0800 (PST)

On Fri, 19 Feb 2010, Mike Markley wrote:
> So realistically, my KeyTable will be passed the... domain or email
> address in $d? And should return one attribute? And the SigningTable
> will be passed the contents of THAT attribute (again in $d) and should
> return three attributes?

The other way 'round:

The SigningTable will be passed first the full user@host.domain from the
From: header field, then the host.domain, then user@.domain, then .domain,
then just "*". On the first match (or if MultipleSignatures is set, on
each match), the returned value is expected to be the name of a key. That
key is then passed to a KeyTable query, which is expected to return a
three-part value containing the signing domain, the signing selector, and
either a PEM-formatted private key or the path to a file containing a
PEM-formatted private key. Then that tuple will be used to generate what
the filter calls a "signing request" that results in a signature being
added to the message.
Received on Fri Feb 19 2010 - 18:20:40 PST
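
The lookup sequence described in the message above, as an added Python sketch (not part of the original post and not OpenDKIM's own code). The tables are modeled as plain dicts instead of LDAP queries, and every key name, selector and file path in them is constructed; lowercasing the address and the function names are assumptions.

```python
def signing_table_keys(from_addr):
    """Return SigningTable lookup keys in the order the message lists them."""
    user, _, hostdomain = from_addr.lower().rpartition("@")  # lowercasing: assumption
    if not user or not hostdomain:
        raise ValueError(f"not a user@host.domain address: {from_addr!r}")
    keys = [f"{user}@{hostdomain}", hostdomain]
    _, dot, parent = hostdomain.partition(".")  # drop the leftmost (host) label
    if dot and parent:
        keys += [f"{user}@.{parent}", f".{parent}"]
    keys.append("*")
    return keys


def signing_requests(from_addr, signing_table, key_table, multiple_signatures=False):
    """Resolve From: address -> key name -> (domain, selector, key) tuples."""
    requests = []
    for key in signing_table_keys(from_addr):
        key_name = signing_table.get(key)
        if key_name is None:
            continue  # no SigningTable match for this form, try the next one
        value = key_table.get(key_name)
        if value is None or len(value) != 3:
            # A SigningTable entry naming a missing or malformed key is a
            # configuration error worth failing loudly on, not skipping.
            raise LookupError(f"KeyTable has no three-part value for {key_name!r}")
        requests.append(tuple(value))
        if not multiple_signatures:
            break  # first match wins unless MultipleSignatures is set
    return requests


# Constructed sample tables (hypothetical names, selectors and paths).
SIGNING_TABLE = {
    "alice@mail.example.com": "alice-key",
    ".example.com": "corp-key",
    "*": "default-key",
}
KEY_TABLE = {
    "alice-key": ("example.com", "alice2010", "/path/to/alice.pem"),
    "corp-key": ("example.com", "corp2010", "/path/to/corp.pem"),
    "default-key": ("example.net", "default", "/path/to/default.pem"),
}
```

Returning a file path as the third part keeps the private key itself out of the directory; returning the PEM text means anyone who can read that attribute can sign as the domain.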
