[jira] [Updated] (QPID-7113) [Java Broker] Add ability to select cipher suite during TLS negotiation based on Broker side cipher suite order

Fri, 26 Feb 2016 09:09:03 -0800 

     [ 
https://issues.apache.org/jira/browse/QPID-7113?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Keith Wall updated QPID-7113:
-----------------------------
    Description: 
During TLS handshaking, the client requests to negotiate a cipher suite from a 
list of cryptographic options that it supports, starting with its first 
preference. Then, the server selects a single cipher suite from the list of 
cipher suites requested by the client. Normally, the selection honors the 
client's preference. 

Broker should be able to select cipher suites based on its own preference 
rather than the client's preference in order to mitigate the risks of using 
weak cipher suites.



  was:
During TLS handshaking, the client requests to negotiate a cipher suite from a 
list of cryptographic options that it supports, starting with its first 
preference. Then, the server selects a single cipher suite from the list of 
cipher suites requested by the client. Normally, the selection honors the 
client's preference. 

Broker should be able to select cipher suites based on its own preference 
rather than the client's preference in order to mitigate the risks of using 
weak cipher suites.


> [Java Broker] Add ability to select cipher suite during TLS negotiation based 
> on Broker side cipher suite order
> ---------------------------------------------------------------------------------------------------------------
>
>                 Key: QPID-7113
>                 URL: https://issues.apache.org/jira/browse/QPID-7113
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>            Reporter: Alex Rudyy
>             Fix For: qpid-java-6.1
>
>
> During TLS handshaking, the client requests to negotiate a cipher suite from 
> a list of cryptographic options that it supports, starting with its first 
> preference. Then, the server selects a single cipher suite from the list of 
> cipher suites requested by the client. Normally, the selection honors the 
> client's preference. 
> Broker should be able to select cipher suites based on its own preference 
> rather than the client's preference in order to mitigate the risks of using 
> weak cipher suites.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to