cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stefan Podkowinski (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-13404) Hostname verification for client-to-node encryption
Date Fri, 22 Sep 2017 09:28:00 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-13404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16176162#comment-16176162
] 

Stefan Podkowinski commented on CASSANDRA-13404:
------------------------------------------------

We already have a plugable interface for authentication: IAuthenticator. But it's working
on the application layer, i.e. the tls connection will already be established at this point.


The IAuthenticator interface and the SASL based negotiation process is pretty flexible though.
You can already create and use your own implementation that would validate any provided certificate
as you see fit. But then you'd also have to implement this on the client side as well and
I'm not sure if that would be possible for you.

> Hostname verification for client-to-node encryption
> ---------------------------------------------------
>
>                 Key: CASSANDRA-13404
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-13404
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Jan Karlsson
>            Assignee: Jan Karlsson
>             Fix For: 4.x
>
>         Attachments: 13404-trunk.txt
>
>
> Similarily to CASSANDRA-9220, Cassandra should support hostname verification for client-node
connections.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org


Mime
View raw message