On Wed Jun 29 21:16:31 2016, levitte wrote: > On Mon Jun 20 19:37:41 2016, levitte wrote: > > On Tue Feb 02 01:44:47 2016, openssl-dev@openssl.org wrote: > > > On Mon, Feb 01, 2016 at 07:18:04PM +0000, Rich Salz via RT wrote: > > > > > > > This is reported against 0.9.x; please open a new ticket if still a > > > > problem > > > > with current releases. > > > > > > The same behaviour is present in all releases including master. > > > I don't see any code in OpenSSL that imposes any constraints on > > > the subject names of proxy certificates. > > > > > > If strict adherence to the rules in RFC3820 is important for security > > > (I don't where proxy certs are used and what real semantics > > > applications expect), then this issue remains to be addressed. > > > > > > Perhaps reopen this one. > > > > This has now been fixed in master, along with a pc pathlength checking > > bug fix. > > > > The backport to 1.0.2 (and possibly 1.0.1) is still pending review. > > Fix merged into 1.0.2
... and finally, fix merged into the 1.0.1 branch as well That closes this ticket. Cheers, Richard -- Richard Levitte levi...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=1852 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev