It should be straightforward to patch mod_ssl to accept null ciphers,
for such an unusual use case, but it isn't something we would likely
accept in the ASF distribution for the reasons I outlined.
that would be fine, this is cluster that needs to move a lot data
internally in a very short amount of time..
where in mod_ssl would I be looking?
Otherwise,
any man-in-the-middle can observe the data in transit and alter
the data passed between your client and backend storage server
there are no men to be in the middle. the servers have no logins/users.
Consider it an appliance, in general people also don't worry about
someone sniffing the wire between a HDU sas connector and the drive's
chipset. This is the same thing, just a little bigger.
Wait, why does the use of NULL encryption have any effect on the
authenticity/integrity characteristics of the cipher? I asserted
otherwise on openssl-users and was not corrected...
I didn't suggest it that it would. Everything *after* that handshake,
in cleartext, is open for inspection or for manipulation by every link
in between the user agent and server.
except in my case, there is 'no one there' to do it. It is a separate,
isolated network.
thanks,
Ron
--Jacob
[1] https://marc.info/?t=144900982700003&r=1&w=2
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
