This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author nbareil
Recipients kiilerix, nbareil, pitrou, python-dev, sdaoden
Date 2011-05-07.07:48:34
SpamBayes Score 0.0001508831
Marked as misclassified No
Message-id <>
Hello Mads

> Until now Python failed to the safe side by not matching on 
> subjectAltName iPAddress but also not falling back to commonName
> if they were specified. AFAICS, with this change it is possible to 
> create strange certificates that Python would accept when an IP 
> address matched commonName but other implementations would reject 
> because of iPAddress mismatch.

Good point! But I think we already have this issue with a certificate 
like this one:

cert = { 'subject': ((('commonName', ''),),)}
ok(cert, '')

Do you think this test should fail?
Date User Action Args
2011-05-07 07:48:37nbareilsetrecipients: + nbareil, pitrou, kiilerix, sdaoden, python-dev
2011-05-07 07:48:37nbareilsetmessageid: <>
2011-05-07 07:48:34nbareillinkissue12000 messages
2011-05-07 07:48:34nbareilcreate