<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:22:36 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DRIVERS-928] Change security constraints for command monitoring</title>
                <link>https://jira.mongodb.org/browse/DRIVERS-928</link>
                <project id="10980" key="DRIVERS">Drivers</project>
                    <description>&lt;p&gt;The constraints for redacting security-sensitive commands in command monitoring require the driver to check the command name against a pre-defined list (&lt;a href=&quot;https://github.com/mongodb/specifications/blob/master/source/command-monitoring/command-monitoring.rst#security&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/specifications/blob/master/source/command-monitoring/command-monitoring.rst#security&lt;/a&gt;).&lt;/p&gt;

&lt;p&gt;However, this gets complicated by things like speculative authentication, which mandates that drivers redact &lt;tt&gt;isMaster&lt;/tt&gt; if the &lt;tt&gt;speculativeAuthenticate&lt;/tt&gt; field is present. This is error prone because sending an isMaster command with that field does not guarantee that the reply will also have the field, so a driver checking both the request and response might redact the started event but publish the finished event.&lt;/p&gt;

&lt;p&gt;This can be simplified by mandating that drivers must not publish events for any commands sent during the handshake, authentication, or SDAM routines. This way, any commands explicitly sent by the user are monitored and commands internally started by the driver are not.&lt;/p&gt;</description>
                <environment></environment>
        <key id="1254923">DRIVERS-928</key>
            <summary>Change security constraints for command monitoring</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="12300">Won&apos;t Do</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="divjot.arora@mongodb.com">Divjot Arora</reporter>
                        <labels>
                    </labels>
                <created>Mon, 9 Mar 2020 20:38:00 +0000</created>
                <updated>Mon, 23 Mar 2020 18:11:58 +0000</updated>
                            <resolved>Mon, 23 Mar 2020 18:11:42 +0000</resolved>
                                                                            <votes>0</votes>
                                    <watches>4</watches>
                                                                                                                    <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                                        </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                            <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hwt5hz:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        </customfields>
    </item>
</channel>
</rss>