Christian Heimes <li...@cheimes.de> added the comment: Trailing dots in hostname seem to be protocol specific, e.g. SMTP does not allow them. Unless you find a RFC that mandates support for trailing dots in TLS, I'm against a change in Python's TLS stack. It's too risky to mess up SNI, too.
I'd rather follow RFC 5890, make the caller deal with FQDN + trailing dot and require libraries to pass in a DNS Domain Names (a fully qualified domain name without a trailing dot) to server_hostname. https://tools.ietf.org/html/rfc6125#section-2.2 https://tools.ietf.org/html/rfc5890#section-2.2 (The complete name convention using a trailing dot described in RFC 1123 [RFC1123], which can be explicit as in "www.example.com." or implicit as in "www.example.com", is not considered in this specification.) ---------- nosy: +alex, dstufft, janssen _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue31997> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
