On Mon Jun 20 19:37:41 2016, levitte wrote: > On Tue Feb 02 01:44:47 2016, openssl-dev@openssl.org wrote: > > On Mon, Feb 01, 2016 at 07:18:04PM +0000, Rich Salz via RT wrote: > > > > > This is reported against 0.9.x; please open a new ticket if still a > > > problem > > > with current releases. > > > > The same behaviour is present in all releases including master. > > I don't see any code in OpenSSL that imposes any constraints on > > the subject names of proxy certificates. > > > > If strict adherence to the rules in RFC3820 is important for security > > (I don't where proxy certs are used and what real semantics > > applications expect), then this issue remains to be addressed. > > > > Perhaps reopen this one. > > This has now been fixed in master, along with a pc pathlength checking > bug fix. > > The backport to 1.0.2 (and possibly 1.0.1) is still pending review.
Fix merged into 1.0.2 Cheers, Richard -- Richard Levitte levi...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=1852 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev