On Thu, Mar 03, 2022 at 11:06:45AM +1000, Alex Wilson wrote:
> On 2/3/22 18:21, Theo Buehler wrote:
> >
> > At this point it would probably make more sense to use two switches, one
> > for is_nc and one for !is_nc, and perhaps factor them into two
> > helper functions.
>
> I stared at this code a
On Wed, Mar 02, 2022 at 04:38:46PM +1000, Alex Wilson wrote:
> I've been trying to create new CA certificates with nameConstraints on them
> using the libcrypto in -current, and it doesn't work.
>
> Example snippet from config:
>
> [name_constraints]
> permitted;DNS.0 = .foo.com
>
> This blows u
