Closed
Bug 583297
Opened 14 years ago
Closed 14 years ago
Using absolute Domain Names will make certificate check fail
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 134402
People
(Reporter: riedel, Unassigned)
References
()
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 If using the correct FQDN ie. absolute DNS Notation the certificate check fails. See RFC 1034:"Since a complete domain name ends with the root label, this leads to a printed form which ends in a dot." Reproducible: Always Steps to Reproduce: 1. Browse to https://www.mozilla.org./ 2. Browse to https://www.mozilla.org/ Actual Results: First alternative gives "This Connection is Untrusted" Relates to Bug #234058, which IMHO wrongly assumes relative notations as fully qualified names. Users should use absolute notation with a trailing dot to be sure they reach the server they intent to. Firefox should rather automatically expand relative domain names if this is a security problem.
Updated•14 years ago
|
Assignee: nobody → nobody
Component: Security → Libraries
Product: Core → NSS
QA Contact: toolkit → libraries
Updated•14 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment 1•14 years ago
|
||
This issue has come up before. Please look for the duplicate bug. It might be a PSM bug. It's not an NSS problem.
Comment 2•14 years ago
|
||
Found it.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•