calcite icon indicating copy to clipboard operation
calcite copied to clipboard

Published 20 hours ago verified publisher icon apache

SSL is not secure

Open YYTVicky opened this issue 4 years ago • 2 comments

YYTVicky avatar Mar 05 '20 05:03 YYTVicky

TrustAllSslSocketFactory is inherently non secure. Even though I do not object committing the change, I object specifying "ssl is not secure" in the commit message and the release notes.

Can you please figure out the proper commit message and description to justify the change provided TrustAll will always be insecure?

vlsi avatar Mar 05 '20 07:03 vlsi

Hi, Thanks a lot for your kind feedback. Since our tool only detects the API invocation with an insecure parameter, it will recommend the suggestions. Currently, it not able to take care of the semantic issues. Sorry about that

YYTVicky avatar Apr 30 '20 01:04 YYTVicky