Re: [exim-dev] [Bug 2594] CNAME handling can break TLS certi…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
M\.Madmin at <-
MMMMJeremy Harris at ->
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-dev@exim.org
Subject: Re: [exim-dev] [Bug 2594] CNAME handling can break TLS certificate verification
On 08/06/2020 14:51, Viktor Dukhovni via Exim-dev wrote:
> On Mon, Jun 08, 2020 at 12:48:22PM +0000, admin--- via Exim-dev wrote:
>
>> https://bugs.exim.org/show_bug.cgi?id=2594
>>
>> --- Comment #1 from Jeremy Harris <jgh146exb@???> ---
>> Can you locate a standards document specifying the name that should be checked
>> against the certificate?
>
> Yes: https://tools.ietf.org/html/rfc6125#appendix-B.4

So, actually RFC 3207 - and only "probably". Not even SHOULD.
Ho hum.
--
Cheers,
Jeremy

This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-[exim-dev] [Bug 2595] Allow custom socket path for SYSLOG[exim-dev] [Bug 2595] Allow custom socket path for SYSLOG->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)