Re: [PATCH] crypto: allow client/server cert chains

["Daniel P. Berrangé" <berrange@redhat.com>]

On Mon, Feb 13, 2023 at 01:00:49PM -0500, matoro_mailinglist_qemu--- via wrote:
> From: matoro <matoro@users.noreply.github.com>
> 
> The existing implementation assumes that client/server certificates are
> single individual certificates.  If using publicly-issued certificates,
> or internal CAs that use an intermediate issuer, this is unlikely to be
> the case, and they will instead be certificate chains.  While this can
> be worked around by moving the intermediate certificates to the CA
> certificate, which DOES currently support multiple certificates, this
> instead allows the issued certificate chains to be used as-is, without
> requiring the overhead of shuffling certificates around.
> 
> Corresponding libvirt change is available here:
> https://gitlab.com/libvirt/libvirt/-/merge_requests/222
> 
> Signed-off-by: matoro <matoro_mailinglist_qemu@matoro.tk>

I'm afraid that because the Signed-off-by is intended as a legal
statement that you're permitted to contribute this change, we
require it to use the person's legal recognised real name (both
forename + surname), not a psuedo-name, nor merely a partial
name. Could you either resend this submission, or just reply
to this mail giving a new Signed-off-by.

The email address can be of your choosing, but should generally
be matched to the git commit authorship


With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|