[dns-operations] bug in Apache handling of real FQDNs
Fred Morris
m3047 at m3047.net
Sun Jun 7 17:51:36 UTC 2015
What's actually happening is that the SNI hostname is being sent with the
trailing dot. Technically, it is clients which are getting this wrong
according to RFC 6066:
"HostName" contains the fully qualified DNS hostname of the server,
as understood by the client. The hostname is represented as a byte
string using ASCII encoding without a trailing dot.
Firefox (Linux, Mac) are broken. Safari is broken. Some versions of curl work,
some don't.
So if I had to ask some questions here:
* What are other web (and other) servers doing: are they being liberal in what
they accept?
* If popular clients are getting this wrong... and nobody is noticing... is it
time to retire the notion of FQDNs?
--
Fred Morris
More information about the dns-operations
mailing list