> On May 11, 2016, at 9:27 PM, Ángel González <[email protected]> wrote:
>
> Section 3 shows an example pattern of «["_.example.com",
> "_.example.net"]», but it is not allowed by the grammar of 3.1.2.
> Similarly for ["*.mail.example.com"] of section 9.1
Yes, there is inconsistent editing, the draft is in flux.
> I suppose the "_.example.com" were actually intended to be
> "*.example.com", as I see no use of such underscores in rfc6125. The
> grammar should be amended accordingly.
"*.example.com" would not be a good syntax to use, it is too easily
confused with the wildcard syntax on the server-certificate side.
This is a client-side wildcard that is semantically different.
A better syntax would be ".example.com" to indicate any proper
sub-domain of example.com. No leading "*" or "_".
--
Viktor.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
