[issue29824] Hostname validation in SSL match_hostname()
Alex Gaynor
report at bugs.python.org
Wed Sep 6 16:06:37 EDT 2017
Alex Gaynor added the comment:
An additional problem in (2) is that a cert for *.google _is_ legal if the CA can prove that a single organization controls the entire TLD:
https://crt.sh/?id=7668286
----------
nosy: +Alex Gaynor
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue29824>
_______________________________________
More information about the Python-bugs-list
mailing list