[SERVER-11375] Change the sslMode parameter values Created: 25/Oct/13 Updated: 19/Dec/13 Resolved: 14/Nov/13 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Networking, Security |
| Affects Version/s: | 2.5.3 |
| Fix Version/s: | 2.5.4 |
| Type: | Improvement | Priority: | Major - P3 |
| Reporter: | Andreas Nilsson | Assignee: | Andreas Nilsson |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Participants: |
| Description |
|
The current sslMode parameter values are: noSSL - use unencrypted incoming and outgoing connections New proposal, change these parameters to: with or without the SSL postfixes. Will ponder the change over the weekend. |
| Comments |
| Comment by Githook User [ 14/Nov/13 ] |
|
Author: {u'username': u'agralius', u'name': u'Andreas Nilsson', u'email': u'andreas.nilsson@10gen.com'}Message: |
| Comment by Andreas Nilsson [ 06/Nov/13 ] |
| Comment by Eric Milkie [ 25/Oct/13 ] |
|
If I were a user reading through those parameter options, I would have no idea what the difference between allowSSL and preferSSL were. |
| Comment by Eric Milkie [ 25/Oct/13 ] |
|
I dislike "preferSSL". "preferSSL" literally means "when given a choice of SSL or not, choose SSL. But when SSL is not a valid choice, don't use it". This situation does not apply to the server in any meaningful way. |