looking for terminology recommendations concerning non-rooted FQDNs

Brian Reichert reichert at numachi.com
Mon Feb 25 14:30:34 UTC 2013


On Sun, Feb 24, 2013 at 12:10:20AM +1100, Mark Andrews wrote:
> > When I did my initial development with OpenSSL, I observed:
> > 
> > - If I did not have the rooted domain name in the SAN, then any SSL
> >   client stack would fail the verification if a rooted domain name
> >   was used to connect to the SSL server.
> 
> Well you have a broken SSL client app.  If it is accepting non legal
> hostnames it should be normalising them before passing them to the ssl
> layer.

From what little research I've done (only OpenSSL), the SSL client
is relying on getaddrinfo(3) to do name resolution.  In turn, I
haven't found an implementation of getaddrinfo(3) that rejects
rooted domain names as non-legal.

Looking for counter-examples...

> -- 
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

-- 
Brian Reichert				<reichert at numachi.com>
BSD admin/developer at large	
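
The normalisation suggested in the quoted reply, as an added example that is not part of the original message and is not OpenSSL's code: the client strips the root label from the name it was given before using it for certificate matching. The function names, the simplified exact / left-most-wildcard matcher, and the example.com names are assumptions constructed for illustration.

```python
def normalize_hostname(name: str) -> str:
    """Return the lower-case, non-rooted form of a DNS name (hypothetical helper)."""
    if name.endswith("."):
        name = name[:-1]  # drop exactly one root label: "host.example." -> "host.example"
    # Anything still containing an empty label is malformed: "", ".", "a..b", "a.b.."
    if not name or any(label == "" for label in name.split(".")):
        raise ValueError("empty label in hostname")
    return name.lower()


def san_matches(reference: str, san_dns_names: list[str]) -> bool:
    """Simplified SAN dNSName comparison: exact match, or '*' as the whole left-most label.

    The reference name is compared label by label as given, so a rooted name
    (which ends in an empty label) does not match a non-rooted SAN entry.
    """
    ref_labels = reference.lower().split(".")
    for san in san_dns_names:
        san_labels = san.lower().split(".")
        if len(san_labels) != len(ref_labels):
            continue
        if san_labels[0] == "*" and len(san_labels) > 2:
            # The wildcard covers one non-empty label only.
            if ref_labels[0] and san_labels[1:] == ref_labels[1:]:
                return True
        elif san_labels == ref_labels:
            return True
    return False


# Constructed sample: SAN entries of a certificate issued without rooted names.
SAMPLE_SANS = ["www.example.com", "*.api.example.com"]

if __name__ == "__main__":
    for typed in ["www.example.com", "WWW.Example.COM.", "v1.api.example.com."]:
        raw = san_matches(typed, SAMPLE_SANS)
        fixed = san_matches(normalize_hostname(typed), SAMPLE_SANS)
        print(f"{typed!r}: as typed={raw}, normalised={fixed}")
```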



