Re: RFC/Spec for certificate checking

2014-07-03 Thread Bernhard Thalmayr
I may add some background of this inquiry. The Solaris ldap lib (using NSS as SSL/TLS implementation) performs a reverse-lookup before starting SSL handshake when an IP is specified as target. If the reverse-lookup fails then the TCP connection is closed. IMHO this is an incorrect behavior ..

[ANNOUNCE] NSS 3.16.3 Release

2014-07-03 Thread Kai Engert
The NSS Development Team announces the release of NSS 3.16.3. Network Security Services (NSS) 3.16.3 is a patch release for NSS 3.16. This release consists primarily of CA certificate changes as listed below, and fixes an issue with a recently added utility function. New Functions: * CERT_GetGen

Re: RFC/Spec for certificate checking

2014-07-03 Thread Bernhard Thalmayr
Thanks a lot for the details Ryan, much appreciated. I'm sorry for being unspecific. I was referring to 'Name Validation' ... like Subject CN / SubjectAlternativeName extension. So I will have a look at RFC 6125. I'm especially interested when a 'BAD_CERT_DOMAIN' error should/will be raised