[
https://issues.apache.org/jira/browse/DERBY-2363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12474850
]
Bernt M. Johnsen commented on DERBY-2363:
-----------------------------------------
I like this idea. The client could also keep a hashtable of all host/portnumber
pairs to keep track of which servers that are plaintext and thus avoid the
overhead of trying out SSL on servers that already proven themselves to be
plaintext.
DERBY-2356 proposes three modes for ssl: off, basic and peerAuthentication. If
we add negotiable and use that as default for the client we will have all we
need.
> Add initial handshake on connection setup to determine server's required ssl
> support level and avoid client side attribute settings.
> ------------------------------------------------------------------------------------------------------------------------------------
>
> Key: DERBY-2363
> URL: https://issues.apache.org/jira/browse/DERBY-2363
> Project: Derby
> Issue Type: Improvement
> Components: Network Client, Network Server, Security
> Reporter: Daniel John Debrunner
>
> Based upon some of the discussion in DERBY-2108, it would be useful to have
> some initial handshake between the client and the server to indicate the
> required level of ssl support. This would avoid client applications having to
> setup ssl related JDBC attributes or DataSource properties.
> Thus one could change the server to be ssl enabled without having to change
> any applications.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
