You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@mesos.apache.org by "Benno Evers (JIRA)" <ji...@apache.org> on 2019/06/03 22:56:00 UTC
[jira] [Created] (MESOS-9810) Reject certificate-less ciphers when
certificate verification is enabled
Benno Evers created MESOS-9810:
----------------------------------
Summary: Reject certificate-less ciphers when certificate verification is enabled
Key: MESOS-9810
URL: https://issues.apache.org/jira/browse/MESOS-9810
Project: Mesos
Issue Type: Task
Reporter: Benno Evers
A TLS server is required by the spec to always send a server certificate, unless an anonymous cipher is used.
In libprocess, this certificate is verified to be valid and trusted when the flag LIBPROCESS_VERIFY_CERT is set to true.
However, when an anonymous cipher is used, the server does not present a certificate, meaning the verification step will not happen. If a TLS server would be allowed to use such a cipher, it could trivially sidestep the security provided by certificate verification.
Therefore, we should always reject connections using anonymous ciphers when certificate verification is enabled.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)