[Python-Dev] SSL certs (original) (raw)
Thomas Wouters thomas at python.org
Wed Sep 19 02:02:59 CEST 2007
- Previous message: [Python-Dev] Extending Python 3000
- Next message: [Python-Dev] SSL certs
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 9/13/07, Bill Janssen <janssen at parc.com> wrote:
> However, there is an alternative to using multiple IP addresses: > one could also use multiple "subject alternative names", and create > a certificate that lists them all. Unfortunately, much of the client code that does the hostname verification is wrapped up in gullible Web browsers or Java HTTPS libraries that swallowed RFC 2818 whole, and not easily accessible by applications. Does any of it recognize and accept "subject alternative name"?
For what it's worth, when I last looked at this (a year or so ago), only a few fringe browsers on mobile phones had issues with accepting our wildcard certificate, and some of those only because they didn't trust the root authority.
-- Thomas Wouters <thomas at python.org>
Hi! I'm a .signature virus! copy me into your .signature file to help me spread! -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.python.org/pipermail/python-dev/attachments/20070918/300bb343/attachment.htm
- Previous message: [Python-Dev] Extending Python 3000
- Next message: [Python-Dev] SSL certs
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]