#3914: mutt stores duplicate certificates into $certificate-file on hostname
mismatch and interactive_check_cert = "allow always"
---------------------+----------------------
Reporter: m-a | Owner: mutt-dev
Type: defect | Status: new
Priority: minor | Milestone: 1.8
Component: crypto | Version: 1.7.2
Resolution: | Keywords:
---------------------+----------------------
Comment (by m-a):
{{{
Alright, makes sense, my differing proposal was a thinko on my end.
Of course, we can only offer (a)ccept always if it will be effective.
It would not be in the "hostname mismatch" scenario unless we also
stored tuples of (mismatched hostname, presented and user-accepted
certificate) somewhere, which we do not. And probably should not because
this scenario is abuse, and the SNI (server name indication) exists so
the server can present the certificate that the client is asking
for.Rearding SNI, see ticket #3923.
}}}
--
Ticket URL: <https://dev.mutt.org/trac/ticket/3914#comment:7>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
