On Thu, Jun 09, 2016 at 12:00:06PM +0200, Lukas Slebodnik wrote:
On (07/06/16 15:13), Jakub Hrozek wrote:
>On Tue, Jun 07, 2016 at 03:11:49PM +0200, Sumit Bose wrote:
>> On Tue, Jun 07, 2016 at 02:42:56PM +0200, Jakub Hrozek wrote:
>> > On Mon, May 30, 2016 at 04:32:20PM +0200, Sumit Bose wrote:
>> > > > oops, yes I guess this would be a good idea. I'll send a new
>> > > >
>> > >
>> > > new version attached.
>> > >
>> > > bye,
>> > > Sumit
>> > One last question, do we want to add the ocsp_default_responder and
>> > ocsp_default_responder_signing_cert options to configAPI?
>> No, because I think the configAPI is currently not capable of this
>> because both are only allowed options to certificate_verification as
>> e.g. no_ocsp or no_verification.
>OK, makes sense.
>Thank you, ACK.
I would like to backport these patches to sssd-1-13, because without
them, the patches for upstream #2977 do not apply cleanly and I think
it's better to apply more upstream patches than to backport and fork.