Kieths original proposal and Robs subsequent suggestion both seem sensible to me.
Robbie On 5 August 2014 23:47, Rob Godfrey <[email protected]> wrote: > I strongly support the change - we should be secure by default. > > For convenience for those upgrading from earlier versions, would it make > sense to add a system property to be able to set the global default, in > addition to the existing ability to set at the individual connection level? > In this way those who do not want to have to edit a number of connection > URLs could simply set a system property to restore the previous (broken) > behaviour. > > -- Rob > > > On 6 August 2014 00:11, Keith W <[email protected]> wrote: > > > I want to make QPID-5960 "ssl_verify_hostname should default to true > > rather than false" visible on the users list. This proposed change > > affects the Java Client (0-10.0-8) only. > > > > The intention is to change the default for the ssl_verify_hostname > > broker list option [1] from false to true for the next release (0.30). > > This means that the Java client will always validate the the server's > > identity as presented in the server's Certificate message in order to > > prevent man-in-the-middle attacks. This change is made in order to be > > secure by default. > > > > Users wishing for the old behaviour, will be to revert by simply > > adding the ssl_verify_hostname='false' to the connection url. > > > > Comments welcome. > > > > Keith. > > > > [1] > > > http://qpid.apache.org/releases/qpid-trunk/programming/book/QpidJNDI.html#idm233123779008 > > > > > > > > ---------- Forwarded message ---------- > > From: Keith Wall (JIRA) <[email protected]> > > Date: 4 August 2014 17:36 > > Subject: [jira] [Created] (QPID-5960) ssl_verify_hostname should > > default to true rather than false > > To: [email protected] > > > > > > Keith Wall created QPID-5960: > > -------------------------------- > > > > Summary: ssl_verify_hostname should default to true > > rather than false > > Key: QPID-5960 > > URL: https://issues.apache.org/jira/browse/QPID-5960 > > Project: Qpid > > Issue Type: Improvement > > Components: Java Client > > Reporter: Keith Wall > > Fix For: 0.29 > > > > > > The Java Client's connection url option ssl_verify_hostname has > > traditionally defaulted to false meaning that during the SSL > > negotiation the Java client ignores hostname errors. This is weak: > > by default the client should validate the hostname. If users should > > be forced to turn host name verification off if desired. > > > > I believe this will also bring the behaviour of the Java client in > > line with the CPP client (QPID-5841) > > > > > > > > > > > > > > > > -- > > This message was sent by Atlassian JIRA > > (v6.2#6252) > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > >
