Benno Evers created MESOS-9810:
----------------------------------
Summary: Reject certificate-less ciphers when certificate
verification is enabled
Key: MESOS-9810
URL: https://issues.apache.org/jira/browse/MESOS-9810
Project: Mesos
Issue Type: Task
Reporter: Benno Evers
A TLS server is required by the spec to always send a server certificate,
unless an anonymous cipher is used.
In libprocess, this certificate is verified to be valid and trusted when the
flag LIBPROCESS_VERIFY_CERT is set to true.
However, when an anonymous cipher is used, the server does not present a
certificate, meaning the verification step will not happen. If a TLS server
would be allowed to use such a cipher, it could trivially sidestep the security
provided by certificate verification.
Therefore, we should always reject connections using anonymous ciphers when
certificate verification is enabled.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
