mina-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David Latorre (JIRA)" <j...@apache.org>
Subject [jira] Created: (FTPSERVER-215) Secured data channel in active mode would require the server to have a public certificate for every client.
Date Thu, 06 Nov 2008 18:36:46 GMT
Secured data channel in active mode would require the server to have a public certificate for
every client.
-----------------------------------------------------------------------------------------------------------

                 Key: FTPSERVER-215
                 URL: https://issues.apache.org/jira/browse/FTPSERVER-215
             Project: FtpServer
          Issue Type: Improvement
          Components: Core
    Affects Versions: 1.0-M3, 1.0-M2, 1.0-M1, 1.0-M4
            Reporter: David Latorre
             Fix For: 1.0-M4


In "active mode" , the FtpServer itself will try to open a connection to a client-reported
host and port.  
In this case, if we were using a  SSL connection, the server opens a connection to the client
so it will receive the client's public certificate and will try and check it against its TrustStore.


To my mind, when we are not checking the client certificate we shouldn't check it in Active
data connections either. So we should provide our own TrustManager for this.


 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message