[
https://issues.apache.org/jira/browse/KUDU-1886?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Todd Lipcon updated KUDU-1886:
------------------------------
Target Version/s: Backlog
Priority: Major (was: Critical)
Lowering priority since I don't think we have a compelling case for this as of yet.
> TLS certificate hostname verification
> -------------------------------------
>
> Key: KUDU-1886
> URL: https://issues.apache.org/jira/browse/KUDU-1886
> Project: Kudu
> Issue Type: Improvement
> Components: rpc, security
> Affects Versions: 1.2.0
> Reporter: Dan Burkert
> Labels: security
>
> We currently aren't correctly handling hostname verification on
> master-generated (ipki) certificates. This has big consequences in terms of
> the security of the system, and what active attackers with access to a cert
> can achieve. Couple of points that came out of discussions:
> - We currently don't plumb the remote hostname into the client negotiation,
> which will probably become necessary to avoid a reverse-DNS lookup when
> verifying the server's cert.
> - The master should be validating that the hostname in a tserver's CSR
> matches the Kerberos principal of the connection's authentication.
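Added example, not Kudu's code and not part of the issue: one way the second point in the description could be checked before signing. It assumes the master has already extracted the DNS names requested in the tserver's CSR and knows the connection's authenticated principal in `service/host@REALM` form. The function names and the strict policy (every name must match, no wildcards) are hypothetical.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

// Lower-case a DNS name and drop one trailing dot, so "TS1.Example.com." == "ts1.example.com".
static std::string NormalizeHost(std::string h) {
  if (!h.empty() && h.back() == '.') h.pop_back();
  std::transform(h.begin(), h.end(), h.begin(),
                 [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
  return h;
}

// Host part of a two-component principal "service/host@REALM".
// Returns false for user principals ("alice@REALM") and malformed input.
bool PrincipalHost(const std::string& principal, std::string* host) {
  const auto slash = principal.find('/');
  const auto at = principal.rfind('@');
  if (slash == std::string::npos || at == std::string::npos || slash == 0 ||
      slash + 1 >= at || at + 1 >= principal.size()) return false;
  *host = NormalizeHost(principal.substr(slash + 1, at - slash - 1));
  return host->find('/') == std::string::npos;
}

// Hypothetical signing policy: the CSR must name at least one host, and every
// requested name must equal the authenticated principal's host. Wildcards are refused.
bool CsrHostsMatchPrincipal(const std::string& principal,
                            const std::vector<std::string>& csr_hosts) {
  std::string host;
  if (!PrincipalHost(principal, &host) || csr_hosts.empty()) return false;
  for (const auto& name : csr_hosts) {
    if (name.find('*') != std::string::npos || NormalizeHost(name) != host) return false;
  }
  return true;
}

int main() {
  // Constructed sample values, not taken from a real cluster.
  const std::string principal = "kudu/ts1.example.com@EXAMPLE.COM";
  std::cout << CsrHostsMatchPrincipal(principal, {"ts1.example.com"}) << "\n";
  std::cout << CsrHostsMatchPrincipal(principal, {"master.example.com"}) << "\n";
  return 0;
}
```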