Nat / oauth-jwsreq / issues / #90 - BK Comments 8 — Bitbucket

Issue #90 resolved

Nat Sakimura repo owner created an issue 2019-07-24

Section 8

   HTTP clients MUST also verify the TLS server certificate, using
   subjectAltName dNSName identities as described in [RFC6125], to avoid
   man-in-the-middle attacks.  The rules and guidelines defined in

It's probably easier to just say "using DNS-ID [RFC6125], to avoid
man-in-the-middle attacks".

Comments (5)

Nat Sakimura reporter
- marked as enhancement
- assigned issue to
  
  Nat Sakimura
- 2019-07-25T21:17:52+00:00
Nat Sakimura reporter
- changed status to resolved
Fixed issue ~~#90~~.

→ <<cset a6e45505ba84>>
- 2019-07-25T21:26:50+00:00
Nat Sakimura reporter
- changed status to open
Pull request not applied yet.
- 2019-07-26T11:38:04+00:00
Nat Sakimura reporter
- changed status to resolved
FIxing ~~#90~~.

→ <<cset d9d929775b0f>>
- 2019-07-26T11:46:10+00:00
Nat Sakimura reporter
Merged in Nat-Sakimura/issue-90-DNS-ID (pull request ~~#20~~)

FIxing ~~#90~~.

→ <<cset 26534e8be933>>
- 2019-09-06T00:41:23+00:00
Log in to comment

Assignee: Nat Sakimura

Type: enhancement

Priority: major

Status: resolved

Votes: 0

Watchers: 0

Jira: the preferred issue tracker for Bitbucket. Join the team!