RFC Errata Report

Errata Search
RFC Number:		Errata ID:

Source of RFC		Status:
Area Acronym:		Type:
WG Acronym:		Submitter Name:
Other:		Date Submitted:
Summary Table Full Records

Found 1 record.

Status: Reported (1)

RFC2595, "Using TLS with IMAP, POP3 and ACAP", June 1999

Source of RFC: Legacy

Errata ID: 1076

Status: Reported
Type: Technical

Reported By: Joseph Shraibman
Date Reported: 2007-11-14

Section 2.4 says:

- A "*" wildcard character MAY be used as the left-most name
     component in the certificate.  For example, *.example.com would
     match a.example.com, foo.example.com, etc. but would not match
     example.com.

It should say:

- A "*" wildcard character MAY be used for the left-most name
     components in the certificate.  For example, *.example.com would
     match a.example.com, foo.example.com, etc. but would not match
     example.com or foo.bar.example.com.  *.*.example.com would match 
     foo.bar.example.com but would not match foo.example.com.

Notes:

It seems the original wording unintentionally disallowed certificates with *.* wildcards.