Andrew Stitcher created PROTON-2021:
---------------------------------------
Summary: [c] Make SSL/TLS usage more secure by default
Key: PROTON-2021
URL: https://issues.apache.org/jira/browse/PROTON-2021
Project: Qpid Proton
Issue Type: Improvement
Components: proton-c
Reporter: Andrew Stitcher
Assignee: Andrew Stitcher
There are some aspects of using TLS with proton-c that are awkward and by
default less secure than thye could be.
A good example of this is that it is tricky to set up to verify peer names
against the system default ca certificate list. Even though this is carefully
set up under many (most?) modern OS distributions.
Another example is that for a client on the internet verifying peer names is
the only safe way to use TLS, but this is not the default.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
