A New Internet-Draft is available from the on-line Internet-Drafts
directories. This Internet-Draft is a work item of the Using TLS in
Applications (UTA) WG of the IETF.
Title : Service Identity in TLS
Authors : Peter Saint-Andre
Rich Salz
Filename : draft-ietf-uta-rfc6125bis-12.txt
Pages : 30
Date : 2023-03-13
This version has one change, using a more clear output for the “*.example.com”
names, suggested by Viktor.
--- a/draft-ietf-uta-rfc6125bis.md
+++ b/draft-ietf-uta-rfc6125bis.md
@@ -1027,7 +1027,7 @@ or buggy hosts. See for example {{Defeating-SSL}}
(beginning at slide 91) and
{{HTTPSbytes}} (slides 38-40).
As specified in {{verify-domain}}, restricting the presented identifiers in
certificates to only one
-wildcard character (e.g., `\*.example.com` but not `\*.\*.example.com`) and
+wildcard character (e.g., "\*.example.com" but not "\*.\*.example.com") and
restricting the use of wildcards to only the left-most domain label can
help to mitigate certain aspects of the attack described in {{Defeating-SSL}}.
_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
