Administering HostIdMappings extensions
You can add a HostIdMappings extension to certificates
you create for certain users, allowing you to specify the user IDs
that each user is able to use for login to particular servers (or hosts).
Controlling an identity that is used for login purposes is an important
security objective. Therefore, you must exercise administrative control
in the following areas by authorizing:
- PKI Services as a highly trusted certificate authority whose certificates are honored when they contain HostIdMappings extensions
- Particular servers to accept logins from clients whose certificates contain HostIdMappings extensions