
inets: Make https requests verify host by default

Open dgud opened this issue 2 years ago • 3 comments

Make ssl connections more secure by default.

dgud, Jul 04 '22 15:07

CT Test Results

2 files, 21 suites, 12m 58s
333 tests: 310 passed, 22 skipped, 1 failed
556 runs: 518 passed, 38 skipped, 0 failed

For more details on these failures, see this check.

Results for commit 20a73780.

This comment has been updated with latest results.

To speed up review, make sure that you have read Contributing to Erlang/OTP and that all checks pass.

See the TESTING and DEVELOPMENT HowTo guides for details about how to run tests locally.


// Erlang/OTP Github Action Bot

github-actions[bot], Jul 04 '22 15:07

@voltone - it's finally happening, one of the first items we had under "what EEF Security WG should attempt". Thanks @dgud!

max-au, Jul 05 '22 17:07

Any opinions on whether we should use wildcard matching on the hostnames or not? Currently it is used, so slightly more insecure, but it is used on almost all hosts.

dgud, Jul 07 '22 07:07
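
An added example, not code from this pull request or from Erlang/OTP: the ssl options a caller can pass to httpc explicitly to get peer and hostname verification, with the wildcard matching discussed in the last comment as a switch. The module and function names are hypothetical, and `public_key:cacerts_get/0` assumes OTP 25 or later.

```erlang
%% Added illustration; module and function names are hypothetical.
-module(httpc_verify_example).
-export([get/2, ssl_opts/1]).

%% Build client-side TLS options that verify the server certificate chain
%% against the OS trust store. The ssl application checks the certificate
%% against the hostname being connected to when verify_peer is set.
%% WildcardMatching = true adds the HTTPS match fun so that a certificate
%% for "*.example.com" is accepted for "www.example.com".
%% WildcardMatching = false keeps the stricter default hostname check,
%% which does not treat "*" in a certificate name as a wildcard.
ssl_opts(WildcardMatching) when is_boolean(WildcardMatching) ->
    Base = [{verify, verify_peer},
            {cacerts, public_key:cacerts_get()},   % OS trust store, OTP 25+
            {depth, 3}],
    case WildcardMatching of
        true ->
            MatchFun = public_key:pkix_verify_hostname_match_fun(https),
            [{customize_hostname_check, [{match_fun, MatchFun}]} | Base];
        false ->
            Base
    end.

%% Perform a GET with explicit verification options instead of relying on
%% whatever default the installed OTP release ships with.
%% Returns {ok, {StatusLine, Headers, Body}} on success, or
%% {error, Reason} when the connection or the certificate check fails.
get(Url, WildcardMatching) ->
    {ok, _} = application:ensure_all_started(inets),
    {ok, _} = application:ensure_all_started(ssl),
    HttpOpts = [{ssl, ssl_opts(WildcardMatching)},
                {timeout, 10000}],
    httpc:request(get, {Url, []}, HttpOpts, []).
```

Calling `get/2` with `false` against a host that serves only a wildcard certificate is a quick way to see how much of an existing deployment depends on wildcard matching.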