[rt-users] S/MIME

[Jay Kline]

Jesse Vincent wrote:
>
> On Apr 23, 2008, at 5:12 PM, Jay Kline wrote:
>> Our organization makes heavy use of S/MIME for signatures and encryption
>> of email, and we would like RT to indicate if a message is signed, and
>> has a valid signature.  I saw a few mentions of it in the archives, but
>> most are old or inconclusive.
>
> We did a full integration for a client, but haven't found the cycles
> to polish it for release just yet :/
>

Would you be willing to share the patch, even if it dosnt get included
in the release? It surely would be helpful :-)

>
>> Related to this, we use these certs for client auth in web browers, has
>> anyone configured RT to use client certs for auth instead of cookies, or
>> HTTP auth?
>>
> RT has support for HTTP auth (say, using apache's support for certs)
> as a flag in the config file.
>

Yep, unfortunately this makes for  really ugly usernames, as Apache sets
the username to the full DN of the cert, we would ideally like to just
use the CN, or map it to another name entirely (like the email address). 

If its not really been done, Ill probably implement something using the
Cookie based external auth that is already out there.

Jay