[ https://issues.apache.org/jira/browse/CASSANDRA-13404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15956937#comment-15956937 ]
Stefan Podkowinski commented on CASSANDRA-13404:
------------------------------------------------

I think it was mentioned somewhere that reusing SSLContext instances would be preferable in the future for performance reasons. We'd have to change the code to either return a shared or a newly created instance if we were to add this feature.

The main motivation for CASSANDRA-9220 and the related client tickets was to prevent man-in-the-middle attacks. If you send your login credentials, you have to make sure that the connection hasn't been compromised, and therefore it's important to verify that the peer really is the server you think you're talking to. This can be done by verifying the trust chain of the certificate and the hostname for which the certificate has been issued. Once the connection has been verified, connection confidentiality has been established and there's no point in the server in turn verifying the client certificate again to prevent MitM.

The only scenario where it would make sense to verify clients is when you're not able to verify server certificates correctly on the client side. At least the Java and Python drivers should now do this correctly (incl. hostnames), but there could be other clients where you'd prefer to verify from the server side. But given the operational implications (there are usually many more client nodes than cluster nodes in the network) of having to manage a lot of certificates for a potentially elastic number of clients, this would be a quite heavy-handed way to address this issue for most users. In this case you probably would want to spend the effort fixing the clients to correctly verify the servers.

This doesn't mean I'm -1 here as long as the code changes are small, but I just wanted to share my thoughts on why this hasn't been implemented yet.
> Hostname verification for client-to-node encryption
> ---------------------------------------------------
>
> Key: CASSANDRA-13404
> URL: https://issues.apache.org/jira/browse/CASSANDRA-13404
> Project: Cassandra
> Issue Type: New Feature
> Reporter: Jan Karlsson
> Assignee: Jan Karlsson
> Fix For: 4.x
>
> Attachments: 13404-trunk.txt
>
>
> Similarly to CASSANDRA-9220, Cassandra should support hostname verification
> for client-node connections.

--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
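The comment above rests on two separate client-side checks: the chain of the server certificate must lead to a trusted CA, and the name the client connected to must be one the certificate was actually issued for. A certificate that passes the first check but not the second is exactly what a rogue node inside the same cluster CA could present. The example below is added here and is not code from the ticket, the patch, or any Cassandra driver: it implements the hostname-matching rules (dNSName with a single leftmost-label wildcard, iPAddress SANs, commonName only as a legacy fallback) over the dictionary shape `ssl.SSLSocket.getpeercert()` returns, and shows the `ssl.SSLContext` settings a client should use so the standard library performs both checks. The certificate contents, node names and addresses are constructed for illustration.

```python
import ipaddress
import ssl

# Constructed sample in the shape of ssl.SSLSocket.getpeercert();
# names and addresses are assumed, not from any real cluster.
NODE1_CERT = {
    "subject": ((("commonName", "node1.cassandra.internal"),),),
    "subjectAltName": (
        ("DNS", "node1.cassandra.internal"),
        ("DNS", "*.dc1.cassandra.internal"),
        ("IP Address", "10.0.0.11"),
    ),
}

# A second, validly signed certificate from the same cluster CA but issued
# to a different node. It passes chain verification yet must fail the
# hostname check when the client meant to talk to node1.
NODE2_CERT = {
    "subject": ((("commonName", "node2.cassandra.internal"),),),
    "subjectAltName": (
        ("DNS", "node2.cassandra.internal"),
        ("IP Address", "10.0.0.12"),
    ),
}


def _dns_match(pattern: str, hostname: str) -> bool:
    """RFC 6125 style dNSName comparison: case-insensitive, wildcard allowed
    only as the entire leftmost label, never spanning a dot, and never as a
    bare "*" or "*.tld" pattern."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    if p_labels[0] != "*" or "*" in pattern[1:] or len(p_labels) < 3:
        return False
    if len(p_labels) != len(h_labels) or h_labels[0] == "":
        return False
    return p_labels[1:] == h_labels[1:]


def verify_hostname(cert: dict, expected: str) -> bool:
    """Return True only if `cert` was issued for `expected`.

    IP literals are compared against iPAddress SANs; names against dNSName
    SANs. commonName is consulted only when the certificate has no SAN at all,
    and then without wildcard support."""
    sans = tuple(cert.get("subjectAltName", ()))
    try:
        wanted_ip = ipaddress.ip_address(expected)
    except ValueError:
        wanted_ip = None

    if wanted_ip is not None:
        for kind, value in sans:
            if kind != "IP Address":
                continue
            try:
                if ipaddress.ip_address(value) == wanted_ip:
                    return True
            except ValueError:
                continue  # malformed SAN entry never matches
        return False

    dns_names = [value for kind, value in sans if kind == "DNS"]
    if dns_names:
        return any(_dns_match(name, expected) for name in dns_names)
    if sans:
        return False  # SANs present but none usable for a DNS name
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return any(cn.lower() == expected.lower() for cn in cns)


def client_context(ca_pem_path: str = None) -> ssl.SSLContext:
    """Context a driver should use for client-to-node TLS: chain verification
    against the cluster CA plus hostname verification. PROTOCOL_TLS_CLIENT
    sets verify_mode=CERT_REQUIRED and check_hostname=True by default; the
    explicit assignments below guard against someone relaxing them later."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if ca_pem_path is not None:
        ctx.load_verify_locations(ca_pem_path)  # cluster CA, an assumed path
    return ctx


if __name__ == "__main__":
    for cert, name in [(NODE1_CERT, "node1.cassandra.internal"),
                       (NODE1_CERT, "10.0.0.11"),
                       (NODE2_CERT, "node1.cassandra.internal")]:
        print(name, "->", "OK" if verify_hostname(cert, name) else "REJECT")
```

With a context built by `client_context`, `ssl.SSLContext.wrap_socket(..., server_hostname=...)` applies the same matching rules through OpenSSL, so the manual matcher is only needed where a client library hands you the raw peer certificate and leaves the name check to you. Note that the check must run against the name or address the client was configured to connect to, not against anything learned from the peer during the handshake.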