[bind10-dev] bindctl not checking server certificate chain by default
Shane Kerr
shane at isc.org
Wed Oct 24 10:35:14 UTC 2012
All,
On Friday, 2012-10-19 11:31:32 -0700,
JINMEI Tatuya / 神明達哉 <jinmei at isc.org> wrote:
> > I think we could start asking for certificates once you connect
> > over network, but if you try to connect to localhost, I don't think
> > it is needed (the man-in-the middle attack is not that probable).
>
> I think something like this is a reasonable compromise.
I agree with Jinmei. Are we ready to create a ticket now? :)
--
Shane
More information about the bind10-dev
mailing list