[gnutls-devel] GnuTLS | prohibit CN fallback on any SAN? (#1877)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Wed Apr 29 19:28:48 CEST 2026
Alexander Sosedkin created an issue: https://gitlab.com/gnutls/gnutls/-/work_items/1877
As discussed in https://gitlab.com/gnutls/gnutls/-/issues/1802#note_3270511716, we might want to prohibit fallback to Common Name on encountering a Subject Alternative Name of any kind, not just the ones we support.
An even more radical alternative could be prohibiting all CN fallback.
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/work_items/1877
You're receiving this email because of your account on gitlab.com. Unsubscribe from this thread: https://gitlab.com/-/sent_notifications/4-98cao09ja31l9wmmt1ppi692f-a84t7/unsubscribe | Manage all notifications: https://gitlab.com/-/profile/notifications | Help: https://gitlab.com/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20260429/1098c631/attachment-0001.html>
More information about the Gnutls-devel
mailing list