oss-sec mailing list archives
Re: CVE Request: libesmtp does not check NULL bytes in commonName
From: Joe Orton <jorton () redhat com>
Date: Thu, 11 Mar 2010 21:32:37 +0000
On Thu, Mar 11, 2010 at 11:42:11AM -0800, Geoff Keating wrote:
Somewhere there's a draft RFC that goes into recommendations for certificate validation in much more detail, but I've lost it, and it's a draft and not yet complete.
You probably mean this: http://tools.ietf.org/html/draft-saintandre-tls-server-id-check Regards, Joe
Current thread:
- Re: CVE Request: libesmtp does not check NULL bytes in commonName, (continued)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName ArkanoiD (Mar 16)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName Ludwig Nussel (Mar 17)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 16)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 17)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName Ludwig Nussel (Mar 17)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName ArkanoiD (Mar 17)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName Brian Stafford (Mar 17)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName ArkanoiD (Mar 17)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName Joe Orton (Mar 16)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName Geoff Keating (Mar 11)
- Re: CVE Request: libesmtp does not check NULL bytes in commonName Joe Orton (Mar 11)