You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@harmony.apache.org by Tim Ellison <t....@gmail.com> on 2009/06/27 23:50:00 UTC
[classlib][security] Wildcard subjectAltName dNSName entries throw
IOException (HARMONY-6248)
Please take a look at the conversation Ian and I have been having in
HARMONY-6248.
Unless anyone objects I'm inclined to agree with Ian and modify Harmony
to accept DNSNames that start with a digit, unlike the RI which throws
an exception.
Comments welcome.
Tim
Ian Payton (JIRA) wrote:
> Urgh. That's annoying.
>
> I have further RFC wordage to support the position, though. RFC1738
> (page 5, section 3.1, 'host' description) says: "Fully qualified domain
> names take the form as described in Section 3.5 of RFC 1034 [13] and
> Section 2.1 of RFC 1123 [5]: a sequence of domain labels separated by
> ".", each domain label starting and ending with an alphanumerical
> character and possibly also containing "-" characters."
>
> Getting an explicit clarification of RFC3280 and/or RFC1034 from the
> ietf, and then getting Sun to update their implementation so the RI
> behavior also allows leading digits... doesn't sound like fun.
Re: [classlib][security] Wildcard subjectAltName dNSName entries
throw IOException (HARMONY-6248)
Posted by Alexey Petrenko <al...@gmail.com>.
Yeah, I know number of such domains...
So +1
Alexey
2009/6/28 Tim Ellison <t....@gmail.com>:
> Please take a look at the conversation Ian and I have been having in
> HARMONY-6248.
>
> Unless anyone objects I'm inclined to agree with Ian and modify Harmony
> to accept DNSNames that start with a digit, unlike the RI which throws
> an exception.
>
> Comments welcome.
> Tim
>
> Ian Payton (JIRA) wrote:
>> Urgh. That's annoying.
>>
>> I have further RFC wordage to support the position, though. RFC1738
>> (page 5, section 3.1, 'host' description) says: "Fully qualified domain
>> names take the form as described in Section 3.5 of RFC 1034 [13] and
>> Section 2.1 of RFC 1123 [5]: a sequence of domain labels separated by
>> ".", each domain label starting and ending with an alphanumerical
>> character and possibly also containing "-" characters."
>>
>> Getting an explicit clarification of RFC3280 and/or RFC1034 from the
>> ietf, and then getting Sun to update their implementation so the RI
>> behavior also allows leading digits... doesn't sound like fun.
>
>
Re: [classlib][security] Wildcard subjectAltName dNSName entries
throw IOException (HARMONY-6248)
Posted by Tim Ellison <t....@gmail.com>.
Thanks everyone. I just wanted to get that gut-check.
I'll go ahead and fix our code and update the tests to match our conclusion.
Regards,
Tim
On Jun 28, 2009 4:33 PM, "Oliver Deakin" <ol...@googlemail.com>
wrote:
I'm +1 to this as well.
Regards,
Oliver
Tim Ellison wrote: > > Please take a look at the conversation Ian and I have
been having in > HARM...
--
Oliver Deakin
Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number
741598. Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire
PO6 3AU
Re: [classlib][security] Wildcard subjectAltName dNSName entries
throw IOException (HARMONY-6248)
Posted by Oliver Deakin <ol...@googlemail.com>.
I'm +1 to this as well.
Regards,
Oliver
Tim Ellison wrote:
> Please take a look at the conversation Ian and I have been having in
> HARMONY-6248.
>
> Unless anyone objects I'm inclined to agree with Ian and modify Harmony
> to accept DNSNames that start with a digit, unlike the RI which throws
> an exception.
>
> Comments welcome.
> Tim
>
> Ian Payton (JIRA) wrote:
>
>> Urgh. That's annoying.
>>
>> I have further RFC wordage to support the position, though. RFC1738
>> (page 5, section 3.1, 'host' description) says: "Fully qualified domain
>> names take the form as described in Section 3.5 of RFC 1034 [13] and
>> Section 2.1 of RFC 1123 [5]: a sequence of domain labels separated by
>> ".", each domain label starting and ending with an alphanumerical
>> character and possibly also containing "-" characters."
>>
>> Getting an explicit clarification of RFC3280 and/or RFC1034 from the
>> ietf, and then getting Sun to update their implementation so the RI
>> behavior also allows leading digits... doesn't sound like fun.
>>
>
>
>
--
Oliver Deakin
Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 741598.
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU
Re: [classlib][security] Wildcard subjectAltName dNSName entries
throw IOException (HARMONY-6248)
Posted by Nathan Beyer <nd...@apache.org>.
seems appropriate, go for it
On Sat, Jun 27, 2009 at 4:50 PM, Tim Ellison<t....@gmail.com> wrote:
> Please take a look at the conversation Ian and I have been having in
> HARMONY-6248.
>
> Unless anyone objects I'm inclined to agree with Ian and modify Harmony
> to accept DNSNames that start with a digit, unlike the RI which throws
> an exception.
>
> Comments welcome.
> Tim
>
> Ian Payton (JIRA) wrote:
>> Urgh. That's annoying.
>>
>> I have further RFC wordage to support the position, though. RFC1738
>> (page 5, section 3.1, 'host' description) says: "Fully qualified domain
>> names take the form as described in Section 3.5 of RFC 1034 [13] and
>> Section 2.1 of RFC 1123 [5]: a sequence of domain labels separated by
>> ".", each domain label starting and ending with an alphanumerical
>> character and possibly also containing "-" characters."
>>
>> Getting an explicit clarification of RFC3280 and/or RFC1034 from the
>> ietf, and then getting Sun to update their implementation so the RI
>> behavior also allows leading digits... doesn't sound like fun.
>
>
Re: [classlib][security] Wildcard subjectAltName dNSName entries
throw IOException (HARMONY-6248)
Posted by Sean Qiu <se...@gmail.com>.
It makes sense for me.
Best Regards
Sean, Xiao Xia Qiu
2009/6/28 Tim Ellison <t....@gmail.com>:
> Please take a look at the conversation Ian and I have been having in
> HARMONY-6248.
>
> Unless anyone objects I'm inclined to agree with Ian and modify Harmony
> to accept DNSNames that start with a digit, unlike the RI which throws
> an exception.
>
> Comments welcome.
> Tim
>
> Ian Payton (JIRA) wrote:
>> Urgh. That's annoying.
>>
>> I have further RFC wordage to support the position, though. RFC1738
>> (page 5, section 3.1, 'host' description) says: "Fully qualified domain
>> names take the form as described in Section 3.5 of RFC 1034 [13] and
>> Section 2.1 of RFC 1123 [5]: a sequence of domain labels separated by
>> ".", each domain label starting and ending with an alphanumerical
>> character and possibly also containing "-" characters."
>>
>> Getting an explicit clarification of RFC3280 and/or RFC1034 from the
>> ietf, and then getting Sun to update their implementation so the RI
>> behavior also allows leading digits... doesn't sound like fun.
>
>