- marked as enhancement
-
assigned issue to
BK Comments 8
Issue #90
resolved
Section 8
HTTP clients MUST also verify the TLS server certificate, using
subjectAltName dNSName identities as described in [RFC6125], to avoid
man-in-the-middle attacks. The rules and guidelines defined in
It's probably easier to just say "using DNS-ID [RFC6125], to avoid
man-in-the-middle attacks".
Comments (5)
-
reporter -
reporter - changed status to resolved
Fixed issue
#90.→ <<cset a6e45505ba84>>
-
reporter - changed status to open
Pull request not applied yet.
-
reporter - changed status to resolved
FIxing
#90.→ <<cset d9d929775b0f>>
-
reporter - Log in to comment