[exim-dev] [Bug 2594] CNAME handling can break TLS certifica…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: admin
Data:  
Para: exim-dev
Temas antigos: [exim-dev] [Bug 2594] New: CNAME handing can break TLS certificate verification
Asunto: [exim-dev] [Bug 2594] CNAME handling can break TLS certificate verification
https://bugs.exim.org/show_bug.cgi?id=2594

--- Comment #4 from Chris Paulson-Ellis <chris@???> ---
The STARTTLS RFC 3207 is not very helpful, describing it as a local matter and
using words like probably:

4.1 Processing After the STARTTLS Command

...

The decision of whether or not to believe the authenticity of the
other party in a TLS negotiation is a local matter. However, some
general rules for the decisions are:

   -  A SMTP client would probably only want to authenticate an SMTP
      server whose server certificate has a domain name that is the
      domain name that the client thought it was connecting to.


--
You are receiving this mail because:
You are on the CC list for the bug.