[PROTON-73] Server should force renegotiate when client authentication setting is changed on an active connection. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: Minor
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: proton-c-future
Component/s: proton-c
Labels:
- security
- tls

Description

If the server application changes the peer authentication setting from 'anonymous' to 'verify-peer' while an SSL session is active, then the server should force the client to re-negotiate (SSL handshake) to verify the remote's identity.

Attachments

Activity

People

Assignee:: Ken Giusti

Reporter:: Ken Giusti

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 11/Oct/12 18:58

Updated:: 02/May/18 22:07