NTS Wildcard Certificates

Richard Laager rlaager at wiktel.com
Mon Nov 18 20:51:30 UTC 2019

On 11/18/19 2:36 PM, Gary E. Miller via devel wrote:
> I would say another config option.  Both for client and server.

I don't see why we would need a config option for the server. If you
don't want a wildcard cert there, don't use one. If you do, do. No need
to configure.

If someone wants an option to disable wildcard certs on the client, I'm
not opposed, but it should default to having them enabled. Otherwise,
interoperability as a client is compromised. The client would not be
able to connect, by default, with e.g. "cloud deployments and large


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ntpsec.org/pipermail/devel/attachments/20191118/61032385/attachment.bin>

More information about the devel mailing list