If I go to "https://foo" and foo has a cert for "foo.somedomain.com",
Moz doesn't complain. It looks like this is intentional (the following
snippet from certdb.c):

---------------------
    if ((hndomain = PORT_Strchr(hn, '.')) == NULL) {
        /* No domain in URI host name */
        char * cndomain;
        if ((cndomain = PORT_Strchr(cn, '.')) != NULL &&
            (cndomain - cn) > 0) {
            /* there is a domain in the cn string, so chop it off */
            *cndomain = '\0';
        }
    }
---------------------

My question is: why? Seems like this is to prevent moz from
complaining in intranet environs, but I'm skeptical this is a Good
Thing as it is...
_______________________________________________
Mozilla-security mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-security
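
An added example, not part of the original post or of the Mozilla source: it applies the chopping step from the quoted snippet to a few constructed host/CN pairs and compares the result with a strict full-name match. It shows that a dotless host name then matches a CN in any domain sharing the first label. The function names, the 256-byte buffer, the use of plain strchr in place of PORT_Strchr, and the final case-insensitive comparison are assumptions; the snippet only shows the chop.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Strict rule: the host typed in the URL must equal the certificate CN. */
static int match_strict(const char *hn, const char *cn)
{
    return strcasecmp(hn, cn) == 0;
}

/* Rule from the quoted snippet: if the URL host has no '.', cut the CN at
 * its first '.' before comparing. The comparison itself is an assumption;
 * the snippet only shows the chopping step. */
static int match_chopped(const char *hn, const char *cn_in)
{
    char cn[256];
    char *cndomain;

    if (strlen(cn_in) >= sizeof cn)
        return 0;                      /* refuse over-long names */
    strcpy(cn, cn_in);                 /* work on a copy, since the chop writes */

    if (strchr(hn, '.') == NULL) {
        /* No domain in URI host name */
        if ((cndomain = strchr(cn, '.')) != NULL && (cndomain - cn) > 0)
            *cndomain = '\0';          /* chop the domain off the CN */
    }
    return strcasecmp(hn, cn) == 0;
}

int main(void)
{
    /* Constructed sample names, not taken from a real certificate. */
    const char *cases[][2] = {
        { "foo",                "foo.somedomain.com" },
        { "foo",                "foo.otherdomain.example" },
        { "foo.somedomain.com", "foo.somedomain.com" },
        { "foo.somedomain.com", "foo.otherdomain.example" },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("host=%-20s cn=%-26s chopped=%d strict=%d\n",
               cases[i][0], cases[i][1],
               match_chopped(cases[i][0], cases[i][1]),
               match_strict(cases[i][0], cases[i][1]));
    return 0;
}
```

With the chop in place, which certificate satisfies "https://foo" depends entirely on how the client resolves the short name, since the domain part of the CN is never compared.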
