Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-9857

Switch default hostname validation scheme in Mesos

    XMLWordPrintableJSON

    Details

    • Type: Task
    • Status: Open
    • Priority: Blocker
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: libprocess
    • Labels:
      None
    • Target Version/s:

      Description

      After https://reviews.apache.org/r/70795 has landed, we will continue using the legacy hostname validation scheme by default, exposing users to increased MitM risk and to hangs caused by reverse DNS lookups.

      With the next major release, we should change the default to the 'openssl' scheme and remove the legacy behaviour.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                bennoe Benno Evers
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: