Summary

The Socks5 proxy mandates that drivers use the socks5 proxy configuration for the MongoClient when connecting to KMS servers during auto encryption (see https://github.com/mongodb/specifications/blob/master/source/socks5-support/socks5.md#:~:text=Drivers%20MUST%20use%20the%20SOCKS5%20proxy%20for%20connections%20to%20MongoDB%20services%20and%20client%2Dside%20field%2Dlevel%20encryption%20KMS%20servers.).  It seems like there would be use cases where users might have their MongoDB servers behind a proxy and KMS servers not behind a proxy or vice versa, or both behind proxies with different configurations.  This behavior was requested by a user in https://jira.mongodb.org/browse/JAVA-4347.

Separate proxy options should be provided for KMS servers.

Motivation

Who is the affected end user?

socks5 auto encryption users with different proxy configurations for their KMS servers than for their database server.

How does this affect the end user?

Users wouldn't be able to use auto encryption and connect through a proxy.

How likely is it that this problem or use case will occur?

Unlikely.  Only one user has indicated that this is behavior they need (see JAVA-4347).

If the problem does occur, what are the consequences and how severe are they?

Users would be unable to connect to their services using auto encryption and their proxy.

Is this issue urgent?

No.

Is this ticket required by a downstream team?

No.

Is this ticket only for tests?

No.

Acceptance Criteria

What specific requirements must be met to consider the design phase complete?