[
https://issues.apache.org/jira/browse/PROTON-2021?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16801057#comment-16801057
]
ASF subversion and git services commented on PROTON-2021:
---------------------------------------------------------
Commit a58c282dfae85789747b3777d5c20be615d8e70d in qpid-proton's branch
refs/heads/master from Andrew Stitcher
[ https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=a58c282 ]
PROTON-2021: [c] Update ssl-send example to use simpler pn_ssl_init()
- Also fixed message-id to ulong as required by AMQP 1.0 std
- For back compatibility with previous use of send-ssl:
-- With no user/passwd allow insecure anonymous connections
-- Otherwise use secure default with SASL PLAIN
> [c] Make SSL/TLS usage more secure by default
> ---------------------------------------------
>
> Key: PROTON-2021
> URL: https://issues.apache.org/jira/browse/PROTON-2021
> Project: Qpid Proton
> Issue Type: Improvement
> Components: proton-c
> Reporter: Andrew Stitcher
> Assignee: Andrew Stitcher
> Priority: Major
>
> There are some aspects of using TLS with proton-c that are awkward and by
> default less secure than they could be.
> A good example of this is that it is tricky to set up to verify peer names
> against the system default ca certificate list. Even though this is carefully
> set up under many (most?) modern OS distributions.
> Another example is that for a client on the internet verifying peer names is
> the only safe way to use TLS, but this is not the default.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
