jmeter-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Philippe Mouawad <philippe.moua...@gmail.com>
Subject Re: Increase validity duration of JMeter Root CA
Date Thu, 19 Jul 2018 09:34:29 GMT
On Thu, Jul 19, 2018 at 11:31 AM, sebb <sebbaz@gmail.com> wrote:

> On 19 July 2018 at 10:28, Philippe Mouawad <philippe.mouawad@gmail.com>
> wrote:
> > Hello sebb,
> >
> > Yes users can change, but once again, it means adjusting defaults,
> knowing
> > they can be adjusted and which property it is.
>
> That can be documented.
>

Which means all users read the whole documentation, do you think they do ?
I guess you know the famous RTFM :-)


> > Why not make defaults better for usability ?
>
> Because it compromises security.
>

Can you give more details ?


>
> > It looks like 3 months would be good for Bruno, Antonio, me.
> > Is it really a blocker for you ? if yes why ?
>
> As above.
>
> > @Others what's your opinion ?
> >
> > Thanks
> >
> >
> >
> > On Thu, Jul 19, 2018 at 10:55 AM, sebb <sebbaz@gmail.com> wrote:
> >
> >> It's a trade-off between convenience and security.
> >>
> >> It's risky adding the certificate to the browser.
> >>
> >> I don't think the default should be changed.
> >>
> >> Users can always change it themselves if they accept the risks.
> >> E.g. if they use a separate browser installation that has certificate,
> >> then a longer validity is more sensible.
> >> It's too easy to forget that the cert has been added to the browser.
> >>
> >> S.
> >> On 19 July 2018 at 09:35, Antonio Gomes Rodrigues <ra0077@gmail.com>
> >> wrote:
> >> > +1 for me
> >> >
> >> > Le jeu. 19 juil. 2018 à 10:27, Philippe Mouawad <
> >> > p.mouawad@ubik-ingenierie.com> a écrit :
> >> >
> >> >> Hello,
> >> >> Currently :
> >> >>
> >> >>    - proxy.cert.validity=7
> >> >>
> >> >>
> >> >> This is annoying for users who must remember to add the ROOT JMeter
> >> >> certificate to browser every week .
> >> >>
> >> >> I would suggest setting it to 1 year or at least 1 month.
> >> >>
> >> >> Regards
> >> >> Philippe
> >> >>
> >>
> >
> >
> >
> > --
> > Cordialement.
> > Philippe Mouawad.
>



-- 
Cordialement.
Philippe Mouawad.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message