You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2022/06/01 04:41:48 UTC

[GitHub] [pulsar] michaeljmarshall commented on pull request #15824: Switch to rely on Netty for Hostname Verification

michaeljmarshall commented on PR #15824:
URL: https://github.com/apache/pulsar/pull/15824#issuecomment-1143110376

   > LGTM
   > 
   > I have a quest:
   > 
   > > If a subjectAltName extension of type dNSName is present, that MUST
   > > be used as the identity. Otherwise, the (most specific) Common Name
   > > field in the Subject field of the certificate MUST be used. Although
   > > the use of the Common Name is existing practice, it is deprecated and
   > > Certification Authorities are encouraged to use the dNSName instead.
   > 
   > Do your changes follow up on this rule?
   
   @nodece - I did not test this case, but the Java Naming Spec indicates that the hostname verifier will follow RFC 2818, so I assume that it should conform to the portion of the spec you quoted.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org