[
https://issues.apache.org/jira/browse/TS-3746?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14634264#comment-14634264
]
ASF GitHub Bot commented on TS-3746:
------------------------------------
Github user shinrich commented on the pull request:
https://github.com/apache/trafficserver/pull/254#issuecomment-123091079
Agreed with everyone's notion that the origin servers should just have good
certs. And that is what we are working towards. However, we need a short term
solution to at least do some checking. We will keep this change local, but
since it is an interim solution to a situation ATS should not be promoting we
will not try to push it back into the open source.
> We need to make proxy.config.ssl.client.verify.server overridable
> -----------------------------------------------------------------
>
> Key: TS-3746
> URL: https://issues.apache.org/jira/browse/TS-3746
> Project: Traffic Server
> Issue Type: New Feature
> Components: Configuration
> Reporter: Syeda Persia Aziz
> Assignee: Dave Thompson
> Labels: Yahoo
> Fix For: sometime
>
>
> We need to make proxy.config.ssl.client.verify.server overridable. Some
> origin servers need validation to avoid MITM attacks while others don't.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
