Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Unresolved
Priority: Major - P3
Fix Version/s: None
Affects Version/s: 2.5.3
Component/s: Security
Labels:
None

Assigned Teams:

Server Security
CAR Domain/s:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name(s):
None
Goal Link:
None

NFC Unicode Canonicalization should be used when comparing hostnames with certificate properties in the hostname validation code in the SSL engine for the shell and C++ driver. See http://tools.ietf.org/html/rfc5891 and http://www.ietf.org/rfc/rfc4343.txt

This will be a joint effort with implementing NFC for username, passwords etc.

related to

SERVER-10897 User and role names should be canonicalized by the server using Unicode canonicalization form NFC

Backlog

Assignee:: [DO NOT USE] Backlog - Security Team
Reporter:: Andreas Nilsson (Inactive)
Participants:: [DO NOT USE] Backlog - Security Team, Andreas Nilsson
Votes:: 0 Vote for this issue
Watchers:: 4 Start watching this issue

Created:: Nov 06 2013 04:28:21 PM UTC
Updated:: Dec 06 2022 05:15:11 AM UTC