cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: subjectAltName does not match - Wrong test?!

From: Michael Wood <esiotrot_at_gmail.com>
Date: Tue, 15 Sep 2009 11:54:50 +0200

2009/9/15 Sven Anders <anders_at_anduras.de>:
> Michael Wood schrieb:
>> 2009/9/15 Sven Anders <anders_at_anduras.de>:
>>
>>> Yes and No. An DNS or IP entry should match, but I can have other
>>> entries (like email, RID, URI, otherName,...) too.
>>> These should not considered when trying to match.
>>
>> OK, but is it OK to have Subject: C=DE,...C=Germany? �Why do you have
>> the country in there twice? �And why no CN=hostname?
>>
> Ok, this is wrong. But it's not the cause of the problem.
>
>> Are you saying that the hostname check should not be done because
>> there isn't one in the certificate?
>>
> Yes, it should then checked against the CN.
> (See Peter Sylvester's first answer...)

Ah, no I was asking if you thought it should not check the hostname
because in your initial message there was no CN.

Now I see what you mean.

-- 
Michael Wood <esiotrot_at_gmail.com>

Received on 2009-09-15

This message: [ Message body ]
Next message: Sven Anders: "Re: subjectAltName does not match - Wrong test?!"
Previous message: Sven Anders: "Re: subjectAltName does not match - Wrong test?!"
In reply to: Sven Anders: "Re: subjectAltName does not match - Wrong test?!"
Next in thread: Daniel Stenberg: "Re: subjectAltName does not match - Wrong test?!"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]