[jboss-jira] [JBoss JIRA] (ELY-212) Client-side SSL context configuration is subtly wrong
David Lloyd (JIRA)
issues at jboss.org
Thu Jun 11 11:22:03 EDT 2015
David Lloyd created ELY-212:
-------------------------------
Summary: Client-side SSL context configuration is subtly wrong
Key: ELY-212
URL: https://issues.jboss.org/browse/ELY-212
Project: WildFly Elytron
Issue Type: Bug
Reporter: David Lloyd
Assignee: David Lloyd
SSL context client-side configuration is problematic in that the SSL context is not (and cannot be) cached. This means that we lose SSL session reuse and other benefits which may cause problems for users.
However we also cannot just cache an SSL context on a configuration either - the client credentials may vary on each request, causing leakage between identities.
What we need to do is have a separate SSL context client configuration mechanism, and use the generic client context configuration to reference this SSL context client configuration.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the jboss-jira
mailing list