Is TLS broken?
I understand that TLS is composed of two parts: the Record Protocol and the
Handshake Protocol.
My experience so far leads me to believe that the Handshake Protocol is not
implemented. You can put any certificate in and there's no verification at the
other end. Have I missed something?
This is important, because it would then be possible to recover the
username/password that a replicating server was using (for example).
Are there any alternatives to this? Currently, using SSL wrappers (like
sslwrap) or ssh seems to be the correct solution.