[Python-Dev] SSL certs
Thomas Wouters
thomas at python.org
Wed Sep 19 02:02:59 CEST 2007
On 9/13/07, Bill Janssen <janssen at parc.com> wrote:
>
> > However, there is an alternative to using multiple IP addresses:
> > one could also use multiple "subject alternative names", and create
> > a certificate that lists them all.
>
> Unfortunately, much of the client code that does the hostname
> verification is wrapped up in gullible Web browsers or Java HTTPS
> libraries that swallowed RFC 2818 whole, and not easily accessible by
> applications. Does any of it recognize and accept "subject
> alternative name"?
For what it's worth, when I last looked at this (a year or so ago), only a
few fringe browsers on mobile phones had issues with accepting our wildcard
certificate, and some of those only because they didn't trust the root
authority.
--
Thomas Wouters <thomas at python.org>
Hi! I'm a .signature virus! copy me into your .signature file to help me
spread!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/python-dev/attachments/20070918/300bb343/attachment.htm
More information about the Python-Dev
mailing list