Project

General

Profile

Actions

Feature #1482

closed

Enable wildcard trust-anchor in ValidatorConfig

Added by Yingdi Yu almost 10 years ago. Updated almost 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Security
Target version:
Start date:
04/14/2014
Due date:
% Done:

100%

Estimated time:

Description

When building a demo application, developers may want to disable packet validation.
Current implementation of ValidatorConfig does not allow that.

We can support this feature by defining a special trust anchor:

trust-anchor
{
  type any
}

As long as such a trust-anchor is defined in config file,
packet validation will be turned off.

Such a type of trust anchor is dangerous and may be abused by developers.
The risk of using it will be emphasized in the document.

Actions #1

Updated by Yingdi Yu almost 10 years ago

  • Assignee set to Yingdi Yu
Actions #2

Updated by Yingdi Yu almost 10 years ago

  • Description updated (diff)
Actions #3

Updated by Yingdi Yu almost 10 years ago

  • Description updated (diff)
Actions #4

Updated by Junxiao Shi almost 10 years ago

  • Subject changed from Enable wildcard trust-anchor in ValdiatorConfig to Enable wildcard trust-anchor in ValidatorConfig

Don't define any "hidden option".

The document SHOULD point of the potential risk of using this trust anchor.

Hiding an option in document is harmful:

  • Code is considered to contain a backdoor - an undocumented security risk.
  • Bloggers may discover this option from code, and write it into tutorials without mentioning its high risk. User won't be warned about the risk when reading document.
Actions #5

Updated by Yingdi Yu almost 10 years ago

  • Description updated (diff)

@Junxiao, I think you are right. This option should be described in docs. We should emphasize the risk of using it.

Actions #6

Updated by Yingdi Yu almost 10 years ago

  • Status changed from New to Code review
  • % Done changed from 0 to 100
Actions #7

Updated by Yingdi Yu almost 10 years ago

  • Category set to Security
  • Status changed from Code review to Closed
  • Target version set to v0.1
Actions

Also available in: Atom PDF