tatsuhiro-t
commented
9 years ago spdycat is designed as debugging tool for SPDY protocol application, and no much work has been done for certificate verification so far.
Open acdha opened 9 years ago
tatsuhiro-t
commented
9 years ago spdycat is designed as debugging tool for SPDY protocol application, and no much work has been done for certificate verification so far.
While testing a new webserver, I happened to run spdycat v1.3.2 against a server which has a valid SSL certificate but not for the hostname in question. Everything worked without any indication that it should not have.