[dns-operations] bug in Apache handling of real FQDNs
Fred Morris
m3047 at m3047.net
Mon Jun 8 19:04:15 UTC 2015
If anyone on here wants to weigh in on whether from a DNS perspective
www.example.com and www.example.com. are intended to represent the same host
(from the host's perspective at least) now is the time.
https://bz.apache.org/bugzilla/show_bug.cgi?id=58007
This concerns broken HTTP + TLS clients exposing what I consider to be a bug
in Apache's sanity checking of SNI + Host headers. There seems to be some
concern that the dot means something and that these cannot be treated
equivalently from the host's perspective. (Notwithstanding that from a named
virtual hosting perspective, Apache does treat them the same.)
--
Fred Morris
More information about the dns-operations
mailing list