Author christian.heimes
Recipients alex, benjamin.peterson, christian.heimes, dstufft, ned.deily, pitrou, rhettinger
Date 2017-04-02.18:06:40
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
Ned, Benjamin,

are you ok with a backport to 2.7 and 3.6? Substring (aka partial) matching of wildcards is a MAY feature according to RFC 6125 . They are a violation of CA/B Form's baseline requirements, so no publicaly trusted cert may contain a CN or SAN entry with a partial wildcard. Several libraries and languages do not implement the feature either. Improper wildcard matching caused a bunch of security issues and CVEs in Python.
Date User Action Args
2017-04-02 18:06:40christian.heimessetrecipients: + christian.heimes, rhettinger, pitrou, benjamin.peterson, ned.deily, alex, dstufft
2017-04-02 18:06:40christian.heimessetmessageid: <>
2017-04-02 18:06:40christian.heimeslinkissue23033 messages
2017-04-02 18:06:40christian.heimescreate