Comment 57 for bug 376484

In , Nelson-bolyard (nelson-bolyard) wrote :

I received some feedback from a Sun Java developer, saying that JSSE's
interpretation of wildcards allows "*" to appear any number of times in
each component of a DNS name in a cert. It simply does not match a dot.

So, for example, given an attempt to connect to https://java.sun.com,
JSSE would match java.sun.com with
  j*.sun.com
 *va.sun.com
j*va.sun.com
j*v*.sun.com
  java.*.com
    java.*.*
       *.*.*
but would not match
      java.*
    *sun.com

The writer believes that behavior is what is required by RFC 2818.
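
The matching rule described in the comment above, as an added example that is not part of the original comment and is not JSSE code: each `*` matches within a single DNS label and never across a dot, so a pattern must have as many labels as the host name. The function names are hypothetical, and treating `*` as "zero or more characters" is an assumption the comment does not state.

```python
import re

def label_matches(pattern_label: str, host_label: str) -> bool:
    """Match one DNS label; '*' may appear any number of times in it."""
    # Escape the literal pieces and join them with a class that cannot
    # consume a dot (assumption: '*' stands for zero or more characters).
    regex = "[^.]*".join(re.escape(part) for part in pattern_label.split("*"))
    return re.fullmatch(regex, host_label, re.IGNORECASE) is not None

def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Compare label by label; a differing label count can never match."""
    p_labels = pattern.rstrip(".").split(".")
    h_labels = hostname.rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False
    return all(label_matches(p, h) for p, h in zip(p_labels, h_labels))

def classify(patterns, hostname):
    """Return {pattern: bool} for every certificate name pattern."""
    return {p: wildcard_matches(p, hostname) for p in patterns}

# Patterns taken from the comment, checked against its host name.
PAGE_PATTERNS = [
    "j*.sun.com", "*va.sun.com", "j*va.sun.com", "j*v*.sun.com",
    "java.*.com", "java.*.*", "*.*.*",   # listed as matching
    "java.*", "*sun.com",                # listed as not matching
]

if __name__ == "__main__":
    for pattern, ok in classify(PAGE_PATTERNS, "java.sun.com").items():
        print(f"{pattern:>14}  {'match' if ok else 'no match'}")
    # Constructed host name, not from the comment: under this rule the
    # all-wildcard pattern accepts any three-label name.
    print(wildcard_matches("*.*.*", "www.example.org"))
```

Under this interpretation a certificate name of `*.*.*` is accepted for every three-label host name, which is the consequence a reviewer of certificate-matching policy would check first.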