Author kiilerix
Recipients Ryan.Tucker, ahasenack, asdfasdfasdfasdfasdfasdfasdf, debatem1, devin, giampaolo.rodola, heikki, janssen, jsamuel, kiilerix, orsenthil, pitrou, vila, zooko
Date 2010-10-06.21:45:57
SpamBayes Score 4.90534e-06
Marked as misclassified No
Message-id <>
In-reply-to <1286392173.3133.17.camel@localhost.localdomain>
> Indeed. But, strictly speaking, there are no tests for IPs, so it
> shouldn't be taken for granted that it works, even for commonName.
> The rationale is that there isn't really any point in using an IP rather
> a host name.

I don't know if there is a point or not, but some hosts are for some 
reason intended to be connected to using IP address and their 
certificates thus contains IP addresses. I think we should support that 
too, and I find it a bit confusing to only have partial support for 

> Well, that's additional logic to code. I'm not sure it's worth it,
> especially given that the function is called match_hostname in the first
> place.

"hostname" in Python usually refers to both IP addresses and DNS 
hostnames (just like in URLs), so I think it is a fair assumption that 
IP addresses also works in this hostname function.

Perhaps it should be noted that CertificateError only is raised by 
match_hostname so a paranoid programmer don't start catching it 
everywhere - and also that match_hostname won't raise SSLError.
Date User Action Args
2010-10-06 21:46:02kiilerixsetrecipients: + kiilerix, zooko, janssen, orsenthil, pitrou, giampaolo.rodola, vila, heikki, ahasenack, debatem1, jsamuel, devin, asdfasdfasdfasdfasdfasdfasdf, Ryan.Tucker
2010-10-06 21:46:01kiilerixlinkissue1589 messages
2010-10-06 21:45:57kiilerixcreate