Closed
Bug 194285
Opened 22 years ago
Closed 21 years ago
wildcards in ssl certificate are not being handled according to rfc 2818
Categories
(NSS :: Libraries, defect, P3)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 159483
3.9
People
(Reporter: mozbug1, Assigned: nelson)
References
()
Details
(Whiteboard: [rfc2818][cert])
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021130 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021130 According to rfc 2818: Names may contain the wildcard character * which is considered to match any single domain name component or component fragment. E.g., *.a.com matches foo.a.com but not bar.foo.a.com. f*.com matches foo.com but not bar.com. If you go to https://a.foo.bar.d1.selectacast.net/ mozilla does not complain about a hostname mismatch, even though the CN is good only for *.*.d1.selectacast.net Reproducible: Always Steps to Reproduce: 1. Go to https://a.foo.bar.d1.selectacast.net/ I may change this certificate soon, so it may break the example.
Updated•22 years ago
|
Status: UNCONFIRMED → NEW
Component: Daemon → Client Library
Ever confirmed: true
OS: Linux → All
Priority: -- → P3
Hardware: PC → All
Version: unspecified → 2.4
Comment 1•21 years ago
|
||
The certificate wildcard processing is not done by PSM, but by NSS. Over to NSS for investigation.
Assignee: ssaux → wtc
Component: Client Library → Libraries
Product: PSM → NSS
QA Contact: junruh → bishakhabanerjee
Version: 2.4 → 3.0
Comment 2•21 years ago
|
||
Nelson, could you take a look at this? We should evaluate whether anyone may possibly depend on this bug.
Assignee: wtc → nelsonb
Whiteboard: [rfc2818][cert]
Target Milestone: --- → 3.9
Assignee | ||
Comment 3•21 years ago
|
||
Bug 159483 is intended to address all the differences beween NSS and RFC 2818. I will add more comments to that bug shortly. *** This bug has been marked as a duplicate of 159483 ***
Status: NEW → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•