[
https://issues.apache.org/jira/browse/DERBY-2356?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bernt M. Johnsen updated DERBY-2356:
------------------------------------
Component/s: (was: Services)
Security
> Make SSL server authentication optional
> ---------------------------------------
>
> Key: DERBY-2356
> URL: https://issues.apache.org/jira/browse/DERBY-2356
> Project: Derby
> Issue Type: Improvement
> Components: Network Client, Network Server, Security
> Affects Versions: 10.3.0.0
> Reporter: Bernt M. Johnsen
> Assigned To: Bernt M. Johnsen
> Fix For: 10.3.0.0
>
> Attachments: derby-2356-v1.diff, derby-2356-v1.stat,
> derby-2356-v2.diff, derby-2356-v2.stat, derby-2356-v3.diff, SSLFuncSpect.txt,
> SSLFuncSpect.txt
>
>
> Default SSL behaviour is to require serer authentication. For a database
> application this is not as important as it is for web browsers and also
> creates som extra hassle for the user/application programmer. Since the main
> objective for SSL in Derby is encryption on the wire, server authentication
> should be optional (the same way client authentication is).
> This also creates some symmetry which can be exploited to simplify the user
> interfce somewhat. This improvement to DERBY-2108 is described in the
> attached functional specification. See the attachment for details.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
