Question: Is a certificate for "*.example.com" considered valid for
"example.com"?
OpenSSL seems to say no, but Firefox 2 says yes. Try
"https://stanford.edu"; for a test.
RFC 2459 doesn't discuss wildcards. I haven't paid
73 CHF to access the X.509 standard at
"http://www.itu.int/rec/T-REC-X.509-200508-I/en";.
John Nagle
SiteTruth
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
