[issue1589] New SSL module doesn't seem to verify hostname against commonName in certificate
Devin Cook
report at bugs.python.org
Mon Oct 4 19:08:46 CEST 2010
Devin Cook <devin.c.cook at gmail.com> added the comment:
I think it looks good except for the wildcard checking. According to the latest draft of that TLS id-checking RFC, you aren't supposed to allow the wildcard as part of a fragment. Of course this contradicts RFC 2818.
http://tools.ietf.org/html/draft-saintandre-tls-server-id-check-09#section-4.4.3
If this gets accepted, I'll submit a patch to http.client and urllib that makes use of it.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue1589>
_______________________________________
More information about the Python-bugs-list
mailing list