- changed status to resolved
Federation constraints needs special handling
Issue #290
resolved
Also, because Vladimir should be on this list, and I dont have
bitbucket: the extra dot is not superfluous, its how x509 naming
constraints are specified.
https://tools.ietf.org/html/rfc5280#section-4.2.1.10
When the constraint begins with a period, it MAY be expanded with one or more labels. That is, the constraint ".example.com" is satisfied by both host.example.com and my.host.example.com. However, the constraint ".example.com" is not satisfied by "example.com". When the constraint does not begin with a period, it specifies a host.
Comments (1)
-
- Log in to comment
Addressed as part of
#283