$B$U$H!“(BSSL $B$G(B name based vitual $B$r$d$kOC(B (SNI - RFC 3546)
$B$O$I$&$J$C$?$s$@$C$1!”(B
$B$H;W$C$FC5$7$?$i!“0J2<$r8+$D$1$?$N$G!”(Bnet/http $B$K$bBP=h$r(B
$BF~$l$k$N$O$I$&$G$9$+$M!#(B

ssl - OpenSSL Server Name Indication support in Ruby - Stack Overflow

$BBP=h$rF~$l$k$H!"0J2<$,%(%i!<$K$J$i$J$/$J$j$^$9!#(B

ruby -ropen-uri -e
‘URI(“https://gmail.com/.well-known/host-meta”).read’

% svn diff --diff-cmd diff -x -u lib/net/http.rb
Index: lib/net/http.rb

— lib/net/http.rb (revision 30734)
+++ lib/net/http.rb (working copy)
@@ -780,6 +780,7 @@
@socket.writeline ‘’
HTTPResponse.read_new(@socket).value
end

•      s.hostname = @address
       timeout(@open_timeout) { s.connect }
       if @ssl_context.verify_mode != OpenSSL::SSL::VERIFY_NONE
         s.post_connection_check(@address)
  

チケット #4351 が更新されました。 (by Yui NARUSE)

へぇ、こんなものが、知りませんでした。
わたしは賛成です、入れてしまっていいんじゃないでしょうか。

Could this be backported to 1.8.x? The certificates for Gmail currently
require SNI, which encourages many Ruby developers to switch to
VERIFY_NONE. Needless to say, this is bad for security. It’s also a
blocking issue for implementing the WebFinger and Salmon protocols on
Ruby.

チケット #4351 が更新されました。 (by Akira T.)

ステータス OpenからClosedに変更
進捗 % 0から100に変更

This issue was solved with changeset r30816.
Akira, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.

• lib/net/http.rb (Net::HTTP#connect): support SNI (Server Name
  Indication) for HTTPS. [ruby-dev:43164]
  ruby - Server Name Indication support in Net::HTTP? - Stack Overflow