[9] RFR: 8054380: X.509 cert extension SubjectAltName should allow digits as first character of dNSName
Sean Mullan
sean.mullan at oracle.com
Thu Aug 7 13:32:31 UTC 2014
On 08/07/2014 08:47 AM, Florian Weimer wrote:
> I wonder why using the HTTPS to access <https://www.3com.com> works with
> the current jdk9-dev code. The name "www.3com.com" is only present in
> the SAN.
Is the SAN extension non-critical? If so, that could explain why. We
allow X509Certificates to be created with unparseable non-critical
extensions.
--Sean
More information about the security-dev
mailing list