In some entities (e.g. ours), the O, OU, DC triplet is not detailled enough or not appropriate, which makes it impossible to authenticate through x509.

For exemple, in our entity, the O and OU are the same for all certificates (because all servers are in the same Organisation Unit), and the DC field is not used. We do use other fields though.
Because of that, we can't use the x509 authentication feature, although it is strongly asked for by the security Team.

Would it be possible to enhance the x509 authentication mechanism to allow more flexibility for the authentication's fields?