Duplicate :
|
|
Duplicate :
|
|
Relates :
|
JDK-8213952 :
|
1. DNSName only accepts letters as the first character. RFC 1123 has relaxed that restriction: RFC 1123, Section 2.1: > One aspect of host name syntax is hereby changed: the > restriction on the first character is relaxed to allow either a > letter or a digit. Host software MUST support this more liberal > syntax. 2. RFC 952 specifies that an LDH (Letter-Digit-Hyphen) label may only end with a letter or digit. We should remove hyphens from the set of permissible terminal characters in a label. 3. No verification of a DNSName occurs when parsing an X509Certificate. Verification only occurs when creating a certificate (for example, with keytool). Fix this so that verification runs for both parsing and creation.