db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bernt M. Johnsen (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2363) Add initial handshake on connection setup to determine server's required ssl support level and avoid client side attribute settings.
Date Wed, 21 Feb 2007 22:08:05 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12474850
] 

Bernt M. Johnsen commented on DERBY-2363:
-----------------------------------------

I like this idea. The client could also keep a hashtable of all host/portnumber pairs to keep
track of which servers that are plaintext and thus avoid the overhead of trying out SSL on
servers that already proven themselves to be plaintext.

DERBY-2356 proposes three modes for ssl: off, basic and peerAuthentication. If we add negotiable
and use that as default for the client we will have all we need. 

> Add initial handshake on connection setup to determine server's required ssl support
level and avoid client side attribute settings.
> ------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-2363
>                 URL: https://issues.apache.org/jira/browse/DERBY-2363
>             Project: Derby
>          Issue Type: Improvement
>          Components: Network Client, Network Server, Security
>            Reporter: Daniel John Debrunner
>
> Based upon some of the discussion in DERBY-2108, it would be useful to have some initial
handshake between the client and the server to indicate the required level of ssl support.
This would avoid client applications having to setup ssl related JDBC attributes or DataSource
properties.
> Thus one could change the server to be ssl enabled without having to change any applications.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message