[ https://issues.apache.org/jira/browse/KAFKA-3665?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15274012#comment-15274012 ]
Ismael Juma commented on KAFKA-3665:
------------------------------------

[~Ryan P], I agree that this would be better. The paper also touches on this:

{quote}
After the chain of trust is established, the client must verify the server’s identity. RFC 2818 advises the implementors to use “SubjectAltNames” as the main source of server identifiers and support “Common Name” for backward compatibility only, but most of the software we tested does it the other way around and checks “Common Name” first.
{quote}

However, I think we should tackle this separately. Would you mind filing a separate JIRA for that?

> Default ssl.endpoint.identification.algorithm should be https
> -------------------------------------------------------------
>
>                 Key: KAFKA-3665
>                 URL: https://issues.apache.org/jira/browse/KAFKA-3665
>             Project: Kafka
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 0.9.0.1
>            Reporter: Ismael Juma
>            Assignee: Ismael Juma
>             Fix For: 0.10.0.0
>
>
> The default `ssl.endpoint.identification.algorithm` is `null`, which is not a
> secure default (man in the middle attacks are possible).
> We should probably use `https` instead. A more conservative alternative would
> be to update the documentation instead of changing the default.
> A paper on the topic (thanks to Ryan Pridgeon for the reference):
> http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf

--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
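To make both points of the thread concrete (a `null` identification algorithm skips hostname checking entirely, and RFC 2818 wants SubjectAltName dNSName entries checked before the Common Name), here is an added illustration that is not Kafka's code or the paper's: a small hostname verifier over certificates in the dict shape Python's `ssl.SSLSocket.getpeercert()` returns, plus an `accept_peer` helper whose `None`/`"https"` branches are an assumed stand-in for the two settings discussed. All certificates below are constructed sample data.

```python
def _match_dns_name(pattern: str, hostname: str) -> bool:
    """RFC 2818-style name match: case-insensitive, and a '*' is honoured
    only as the entire leftmost label, matching exactly one label."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == hostname
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False  # wildcard not leftmost, too broad, or label count differs
    return p_labels[1:] == h_labels[1:]


def verify_hostname(cert: dict, hostname: str) -> bool:
    """True if `cert` was issued for `hostname`.

    SubjectAltName dNSName entries are the primary source of identity; the
    subject Common Name is consulted only when the certificate carries no
    dNSName SAN at all (the backward-compatibility case RFC 2818 describes).
    """
    dns_names = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if dns_names:
        return any(_match_dns_name(name, hostname) for name in dns_names)
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "commonName":
                return _match_dns_name(value, hostname)
    return False


def accept_peer(cert: dict, hostname: str, endpoint_identification_algorithm):
    """Assumed model of the setting under discussion: None means no hostname
    check at all (any validly chained cert is accepted), 'https' runs the
    RFC 2818 check above. Chain validation is assumed to have already passed."""
    if endpoint_identification_algorithm is None:
        return True
    if endpoint_identification_algorithm.lower() == "https":
        return verify_hostname(cert, hostname)
    raise ValueError("unsupported endpoint identification algorithm")


# Constructed sample certificates (same shape as ssl.getpeercert()).
CERT_SAN = {
    "subject": ((("commonName", "broker1.example.com"),),),
    "subjectAltName": (("DNS", "broker1.example.com"), ("DNS", "*.brokers.example.com")),
}
CERT_CN_ONLY = {"subject": ((("commonName", "broker1.example.com"),),)}
# CN matches the broker but the SAN names a different host: SAN wins, CN is ignored.
CERT_CN_SAN_MISMATCH = {
    "subject": ((("commonName", "broker1.example.com"),),),
    "subjectAltName": (("DNS", "other.example.com"),),
}
```

With `None`, `accept_peer` accepts `CERT_CN_SAN_MISMATCH` for `broker1.example.com`; with `"https"` it is rejected, and a CN-first checker would wrongly accept it.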