Re: [edk2-devel] reg: Multiple Host Name Certificate

2019-06-20 Thread David Woodhouse
On Thu, 2019-06-20 at 16:27 +0200, Laszlo Ersek wrote: > It is indeed the bug that you think it is ("From code inspection I'd > have guessed that the code would tolerate *any* valid certificate, even > for a host other than the one it actually attempted to connect to.") :) > I'm CC'ing you on the

Re: [edk2-devel] reg: Multiple Host Name Certificate

2019-06-20 Thread Laszlo Ersek
Hello David, On 06/20/19 14:35, David Woodhouse wrote: > On Thu, 2019-06-20 at 11:27 +, Sivaraman Nainar wrote: >> This support added when we integrating "TianoCore Bug 960 >> (HTTPS_HostName_Validation)". This has the support for performing >> Host Name validation during HTTP Operations. > >

Re: [edk2-devel] reg: Multiple Host Name Certificate

2019-06-20 Thread David Woodhouse
On Thu, 2019-06-20 at 11:27 +, Sivaraman Nainar wrote: > This support added when we integrating "TianoCore Bug 960 > (HTTPS_HostName_Validation)". This has the support for performing > Host Name validation during HTTP Operations. Hm, I can't see bug 960, at least not without and account — and

Re: [edk2-devel] reg: Multiple Host Name Certificate

2019-06-20 Thread Sivaraman Nainar
f Of David Woodhouse Sent: Thursday, June 20, 2019 4:18 PM To: devel@edk2.groups.io; Sivaraman Nainar Cc: jiaxin...@intel.com; siyuan...@intel.com Subject: Re: [edk2-devel] reg: Multiple Host Name Certificate On Wed, 2019-06-19 at 11:51 +, Sivaraman Nainar wrote: > Can you please help to confirm

Re: [edk2-devel] reg: Multiple Host Name Certificate

2019-06-20 Thread David Woodhouse
On Wed, 2019-06-19 at 11:51 +, Sivaraman Nainar wrote: > Can you please help to confirm the behavior > > From: Sivaraman Nainar > Sent: Friday, June 7, 2019 2:48 PM > To: devel@edk2.groups.io > Subject: reg: Multiple Host Name Certificate > > Hello: > > Can someone help to confirm if EDK2 supp

Re: [edk2-devel] reg: Multiple Host Name Certificate

2019-06-19 Thread Sivaraman Nainar
Can you please help to confirm the behavior From: Sivaraman Nainar Sent: Friday, June 7, 2019 2:48 PM To: devel@edk2.groups.io Subject: reg: Multiple Host Name Certificate Hello: Can someone help to confirm if EDK2 supports multiple Host Name support. We need to have an environment where the HT

[edk2-devel] reg: Multiple Host Name Certificate

2019-06-07 Thread Sivaraman Nainar
Hello: Can someone help to confirm if EDK2 supports multiple Host Name support. We need to have an environment where the HTTPS request should work fine for IP & Host Name based access. When we create certificates with CN as Host Name and SAN as IP TLS Handshake works only for Host Name and it p