You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@qpid.apache.org by "Lorenz Quack (JIRA)" <ji...@apache.org> on 2016/05/11 13:56:12 UTC

[jira] [Created] (QPID-7258) [Python Client for AMQP 0-8...0-9-1] Perform hostname verification of ssl/tls connections

Lorenz Quack created QPID-7258:
----------------------------------

             Summary: [Python Client for AMQP 0-8...0-9-1] Perform hostname verification of ssl/tls connections
                 Key: QPID-7258
                 URL: https://issues.apache.org/jira/browse/QPID-7258
             Project: Qpid
          Issue Type: Bug
          Components: Java Client
            Reporter: Lorenz Quack


Currently, the Python client for AMQP 0-8...0-9-1 does not perform hostname verification of tls connections. this opens the possibility of Man-in-the-Middle attacks.

We should enhance the client to have this ability, make it configurable and turn the feature on by default.
It should respect hostnames from both CN and SANs, and support wildcards.




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org