#946 Evaluate reintroducing s2s_require_encryption in the default configuration for 0.10

Reporter Link Mauve
Owner Nobody
Created
Updated
Stars ★ (1)  
Tags
  • Milestone-0.10
  • Type-Enhancement
  • Status-Fixed
  • Priority-Medium
  1. Link Mauve on

    Description of feature: s2s_require_encryption has been removed from the distributed configuration file in 5409:8e98a58ab6a3 (April 2013), on the basis that people would switch to s2s_secure_auth. Four years later, there are still way too many self-signed, expired or invalid certificates in the wild for most administrators to enable unconditional certificate validation, while unconditional encryption is in much closer reach. Therefore, I propose to reintroduce s2s_require_encryption in the distributed config file and set it to true by default, in order to fasten its adoption by the entire network.

  2. Zash on

    We should consider this. And the decision predates the whole Snowden thing which highlighted that unauthenticated encryption is still valuable. Because config changes require matching changes to our packages, such changes are best done close to the release when we'll be updating the package anyways.

    Changes
    • tags Milestone-0.10 Status-Accepted
  3. MattJ on

    Done

    Changes
    • tags Status-Fixed

New comment