All:
Is there a setting in Stunnel to do FQDN checking? Level 3 checking requires a local copy of the peer's certificate. When doing mutual authentication, I run into scalability issues when the devices run into the thousands using Level 3 validation. However, if Stunnel was capable of doing FQDN checks, that would help while not requiring me to do Level 3 checks (although that is probably better).
Thanks
Sekhar
Nagasundaram, Sekhar wrote:
> Is there a setting in Stunnel to do FQDN checking?
DNS is not a secure protocol (http://www.securesphere.net/download/papers/dnsspoof.htm). Security should not be based on DNS checks. I'm not going to implement this feature.
Best regards, Mike