[Python-Dev] SSL certs

Thomas Wouters thomas at python.org
Wed Sep 19 02:02:59 CEST 2007

On 9/13/07, Bill Janssen <janssen at parc.com> wrote:
> > However, there is an alternative to using multiple IP addresses:
> > one could also use multiple "subject alternative names", and create
> > a certificate that lists them all.
> Unfortunately, much of the client code that does the hostname
> verification is wrapped up in gullible Web browsers or Java HTTPS
> libraries that swallowed RFC 2818 whole, and not easily accessible by
> applications.  Does any of it recognize and accept "subject
> alternative name"?

For what it's worth, when I last looked at this (a year or so ago), only a
few fringe browsers on mobile phones had issues with accepting our wildcard
certificate, and some of those only because they didn't trust the root

Thomas Wouters <thomas at python.org>

Hi! I'm a .signature virus! copy me into your .signature file to help me
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/python-dev/attachments/20070918/300bb343/attachment.htm 

More information about the Python-Dev mailing list