You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Masaori Koshiba (JIRA)" <ji...@apache.org> on 2015/07/08 08:08:05 UTC
[jira] [Comment Edited] (TS-3216) Add HPKP (Public Key Pinning
Extension for HTTP) support
[ https://issues.apache.org/jira/browse/TS-3216?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14618029#comment-14618029 ]
Masaori Koshiba edited comment on TS-3216 at 7/8/15 6:07 AM:
-------------------------------------------------------------
Hi [~jpeach@apache.org],
I attached a new patch. Add below configs in {{records.config}} and those configs are overridable from {{ssl_multicert.config}}.
- {{records.config}}
{noformat}
proxy.config.ssl.hpkp.enabled
proxy.config.ssl.hpkp.backup_csr.filename
proxy.config.ssl.hpkp.report_only
proxy.config.ssl.hpkp.report_uri
proxy.config.ssl.hpkp.max_age
proxy.config.ssl.hpkp.include_subdomains
{noformat}
- {{ssl_multicert.config}}
{noformat}
hpkp_enabled
hpkp_backup_csr_filename
hpkp_report_only
hpkp_report_uri
hpkp_max_age
hpkp_include_subdomains
{nofotmat}
This patch also have {{Public-Key-Pins-Report-Only}} and {{report-uri}} support.
was (Author: masaori):
Hi [~jpeach@apache.org],
I attached a new patch. Add below configs in {{records.config}} and those configs are overridable from {{ssl_multicert.config}}.
{noformat}
proxy.config.ssl.hpkp.enabled
proxy.config.ssl.hpkp.backup_csr.filename
proxy.config.ssl.hpkp.report_only
proxy.config.ssl.hpkp.report_uri
proxy.config.ssl.hpkp.max_age
proxy.config.ssl.hpkp.include_subdomains
{noformat}
This patch also have {{Public-Key-Pins-Report-Only}} and {{report-uri}} support.
> Add HPKP (Public Key Pinning Extension for HTTP) support
> --------------------------------------------------------
>
> Key: TS-3216
> URL: https://issues.apache.org/jira/browse/TS-3216
> Project: Traffic Server
> Issue Type: New Feature
> Components: SSL
> Reporter: Masaori Koshiba
> Labels: review
> Fix For: 6.1.0
>
> Attachments: hpkp-001.patch, hpkp-002.patch, hpkp-003.patch
>
>
> Add "Public Key Pinning Extension for HTTP" Support in Traffic Server.
> RFC 7469 Public Key Pinning Extension for HTTP
> - https://tools.ietf.org/html/rfc7469
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)