Ticket #77 (new enhancement)

Opened 2 years ago

https server acesses a directory with client ca's. same https server for different transport channels can cause seurity hole

Reported by: sacha Assigned to: sacha
Priority: major Milestone: general-future
Component: security Version: pre-first-version
Keywords: Cc:

Description

when an exchange point with http over ssl is started a directory of trusted certifciates (a client certificate must be signed by one of those) must be passed on.

Now if this HTTPS server is used for multiple transport channels where the transport channels have different trust anchors then the checks will be invalid.

Some logic testing must be setup when a HTTPS server is started or when a new CPA is imported to not cause some security hole.