[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5938) tls.c does not conform to RFC 4513

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5938) tls.c does not conform to RFC 4513
From: h.b.furuseth@usit.uio.no
Date: Tue, 10 Feb 2009 16:29:06 GMT

quanah@zimbra.com writes:
> This is because the Cert vendors themselves don't honor the RFC's when
> issuing wildcard certs, and was added so that their broken wildcard
> certs could still be used.

In that case, maybe there should be a config option to turn this
behavior on/off, and documentation which explains that it breaks TLS
the standard and why it does so.

If nothing else, it may get more people to complain to the cert vendors.

-- 
Hallvard

Prev by Date: Re: (ITS#5938) tls.c does not conform to RFC 4513
Next by Date: Re: (ITS#5938) tls.c does not conform to RFC 4513
Index(es):
- Chronological
- Thread