Sam Napolitano <samnap+git...@gmail.com> added the comment:
Sorry I wasn't able to get back to you sooner.
If having a trailing dot in the cert is an RFC violation, then case 2 can be
left alone.
As for case 3, we can be more explicit: if hostname ends in a dot AND cert
does n
New submission from Sam Napolitano <samnap+git...@gmail.com>:
I recently came across an issue in the ssl library and have a simple fix to
address it.
When doing hostname verification against an X.509 certificate, a trailing dot
(period) in the hostname is matched against the certi