You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Andrew Stitcher (JIRA)" <ji...@apache.org> on 2019/03/25 22:12:00 UTC
[jira] [Resolved] (PROTON-2021) [c] Make SSL/TLS usage more secure
by default
[ https://issues.apache.org/jira/browse/PROTON-2021?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Stitcher resolved PROTON-2021.
-------------------------------------
Resolution: Fixed
Fix Version/s: proton-c-0.28.0
> [c] Make SSL/TLS usage more secure by default
> ---------------------------------------------
>
> Key: PROTON-2021
> URL: https://issues.apache.org/jira/browse/PROTON-2021
> Project: Qpid Proton
> Issue Type: Improvement
> Components: proton-c
> Reporter: Andrew Stitcher
> Assignee: Andrew Stitcher
> Priority: Major
> Fix For: proton-c-0.28.0
>
>
> There are some aspects of using TLS with proton-c that are awkward and by default less secure than they could be.
> A good example of this is that it is tricky to set up to verify peer names against the system default ca certificate list. Even though this is carefully set up under many (most?) modern OS distributions.
> Another example is that for a client on the internet verifying peer names is the only safe way to use TLS, but this is not the default.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org