[ https://issues.apache.org/jira/browse/PROTON-2021?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16801056#comment-16801056 ]
ASF subversion and git services commented on PROTON-2021: --------------------------------------------------------- Commit a735a512d3064a330d6f2623e4770da9db5aae2e in qpid-proton's branch refs/heads/master from Andrew Stitcher [ https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=a735a51 ] PROTON-2021: [c] Round out the ssl certificate verification tests > [c] Make SSL/TLS usage more secure by default > --------------------------------------------- > > Key: PROTON-2021 > URL: https://issues.apache.org/jira/browse/PROTON-2021 > Project: Qpid Proton > Issue Type: Improvement > Components: proton-c > Reporter: Andrew Stitcher > Assignee: Andrew Stitcher > Priority: Major > > There are some aspects of using TLS with proton-c that are awkward and by > default less secure than they could be. > A good example of this is that it is tricky to set up to verify peer names > against the system default ca certificate list. Even though this is carefully > set up under many (most?) modern OS distributions. > Another example is that for a client on the internet verifying peer names is > the only safe way to use TLS, but this is not the default. -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org