View Issue Details

IDProjectCategoryView StatusLast Update
0001465Main CAcert Websitemy accountpublic2019-08-11 09:02
Reporter.Assigned To 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformMain CAcert WebsiteOSN/AOS Versionstable
Product Version 
Target VersionFixed in Version 
Summary0001465: domain validation: filter out at least private network IP addresses before trying to validate domain/whatever.
DescriptionThe domain validation routine does no filtering before making an attempt to validate.
At the very least the private range IP-addresses (192.168.?.?, 10.?.?.?, 172.?.?.? etcetera) should be filtered out and an error returned to the user before starting validation.
There is no reason to bother IANA with attempts to validate what we do not even allow to be validated.

Do we even want to issue certificates for ip-addresses? If not it should be even easier to filter these out anything that looks line an IPv4 or IPv6 address.
Reviewed by
Test Instructions


There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2019-08-11 09:02 . New Issue
2019-08-11 09:02 . Tag Attached: domain