[openssl-dev] [openssl.org #1852] [BUG] Invalid Proxy Certificates Pass Validation
Viktor Dukhovni
openssl-users at dukhovni.org
Tue Feb 2 01:44:36 UTC 2016
On Mon, Feb 01, 2016 at 07:18:04PM +0000, Rich Salz via RT wrote:
> This is reported against 0.9.x; please open a new ticket if still a problem
> with current releases.
The same behaviour is present in all releases including master.
I don't see any code in OpenSSL that imposes any constraints on
the subject names of proxy certificates.
If strict adherence to the rules in RFC3820 is important for security
(I don't where proxy certs are used and what real semantics
applications expect), then this issue remains to be addressed.
Perhaps reopen this one.
--
Viktor.
More information about the openssl-dev
mailing list