What's actually happening is that the SNI hostname is being sent with the trailing dot. Technically, it is clients which are getting this wrong according to RFC 6066:
"HostName" contains the fully qualified DNS hostname of the server, as understood by the client. The hostname is represented as a byte string using ASCII encoding without a trailing dot. Firefox (Linux, Mac) are broken. Safari is broken. Some versions of curl work, some don't. So if I had to ask some questions here: * What are other web (and other) servers doing: are they being liberal in what they accept? * If popular clients are getting this wrong... and nobody is noticing... is it time to retire the notion of FQDNs? -- Fred Morris _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
