[Bug 22709] crypt32 doesn't support wildcard certificates with alternate name extension

wine-bugs at winehq.org wine-bugs at winehq.org
Sun May 16 11:20:50 CDT 2010


http://bugs.winehq.org/show_bug.cgi?id=22709





--- Comment #4 from Juan Lang <juan_lang at yahoo.com>  2010-05-16 11:20:50 ---
openssl doesn't support/validate the alterative name extension.  And I'm
familiar with wildcard DNS names in certificates.  I've already stated why this
one is invalid:  a * character is valid in the certificate's common name, but
not in the DNS name field.  At least, not according to RFC 5280/1034.

I'm not disagreeing that this is a bug, I'm just stating that common practice
appears to violate the RFCs.  The RFCs are probably underspecified here,
though.  In any case, what's really needed is a test for this.

-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.



More information about the wine-bugs mailing list