Uploaded image for project: 'Mesos'
  1. Mesos
  2. MESOS-9857

Switch default hostname validation scheme in Mesos

Details

    • Task
    • Status: Open
    • Blocker
    • Resolution: Unresolved
    • None
    • None
    • libprocess
    • None

    Description

      After https://reviews.apache.org/r/70795 has landed, we will continue using the legacy hostname validation scheme by default, exposing users to increased MitM risk and to hangs caused by reverse DNS lookups.

      With the next major release, we should change the default to the 'openssl' scheme and remove the legacy behaviour.

      Attachments

        Issue Links

          Activity

            bennoe Benno Evers created issue -
            bennoe Benno Evers made changes -
            Field Original Value New Value
            Summary Switch default hostname validation in Mesos Switch default hostname validation scheme in Mesos
            bennoe Benno Evers made changes -
            Priority Major [ 3 ] Blocker [ 1 ]
            bennoe Benno Evers made changes -
            Link This issue is blocked by MESOS-9859 [ MESOS-9859 ]
            bbannier Benjamin Bannier made changes -
            Component/s libprocess [ 12320300 ]

            People

              Unassigned Unassigned
              bennoe Benno Evers
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated: