Difference between revisions of "Meetings/Swift"
(Edit summary: Add swiftclient SSL certificate validation topic)
Revision as of 13:11, 17 January 2014
Meeting Time: Every other Wednesday at 19:00 UTC
Next Meeting: Jan 8, 2014 (no meeting Dec 25)
Agenda:
- python-swiftclient status
- python-swiftclient SSL certificate validation, facts:
  - The current HTTPS client implementation does not validate the server certificate against a CA (it blindly accepts a self-signed certificate, which allows a MITM attack).
  - python-swiftclient has been removed from Debian testing because of this vulnerability.
  - A fix is in progress (since Jun 2013): https://review.openstack.org/#/c/33473/.
- python-swiftclient SSL certificate validation, solutions:
  - Finish the fix in progress:
    - pro: it tackles both vulnerabilities (MITM and CRIME).
    - con: it implements custom SSL validation just for swiftclient, which is not a good idea: there are lots of sharp edges, and getting it wrong does not fail with obvious errors.
  - Switch to the requests module:
    - pro: a common implementation, which would remove complexity from swiftclient.
    - con: it does not implement SSL compression disabling yet. (This opens another vulnerability, the CRIME attack, though it could be overcome by disabling compression on the server side.)
- log #openstack-swift
  - pro: lets people who don't use bouncers see what was said
  - con: people are less free with opinions since it will live forever
- sysmeta status
- Swift 1.12.0 release
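The two client-side weaknesses listed under the SSL certificate validation items (accepting any server certificate, and leaving TLS compression negotiable) come down to three settings on the TLS context. The following is an added illustration, not python-swiftclient code and not the change under review at the Gerrit link above; it uses only the Python standard library, and the names `legacy_context`, `hardened_context`, `audit_context` and `connect` are assumptions made for this example. It builds a context that behaves like the client the agenda describes, a context with the settings a fix must guarantee, and an audit that reports which of the weaknesses a given context still has, so a connection helper can refuse weak settings before any request is sent.

```python
"""TLS client settings for the two weaknesses on the agenda: a client that does
not verify the server certificate (MITM) and one that leaves TLS compression
enabled (CRIME). Added illustration, not python-swiftclient code; stdlib only.
The function names are assumptions made for this example."""
import http.client
import ssl
from typing import List, Optional

# Finding labels returned by audit_context(); constructed for this example.
NO_CA_VERIFY = "server certificate is not verified against a CA (self-signed certs accepted: MITM)"
NO_HOSTNAME = "certificate hostname is not checked (any CA-issued cert is accepted: MITM)"
COMPRESSION_ON = "TLS compression is still negotiable (CRIME)"


def legacy_context() -> ssl.SSLContext:
    """Model of the behaviour the agenda describes: no CA check, no hostname
    check, compression left negotiable. Kept only so the audit below has a
    weak context to compare against."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    # Modern Pythons set OP_NO_COMPRESSION by default; clear it to model an old client.
    ctx.options = int(ctx.options) & ~int(ssl.OP_NO_COMPRESSION)
    return ctx


def hardened_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """What a fix must guarantee: CA verification, hostname check and no
    compression. create_default_context() already does all three; the explicit
    assignments make the intent visible and survive later edits to the context."""
    ctx = ssl.create_default_context(cafile=cafile)   # cafile=None -> system CA store
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    ctx.options |= ssl.OP_NO_COMPRESSION
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the weaknesses present in a context (an empty list means clean)."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append(NO_CA_VERIFY)
    if not ctx.check_hostname:
        findings.append(NO_HOSTNAME)
    if not ctx.options & ssl.OP_NO_COMPRESSION:
        findings.append(COMPRESSION_ON)
    return findings


def connect(host: str, port: int = 443, ctx: Optional[ssl.SSLContext] = None,
            timeout: float = 10.0) -> http.client.HTTPSConnection:
    """Build an HTTPS connection to a Swift endpoint, refusing weak settings up
    front so a misconfiguration fails loudly instead of silently accepting any
    certificate. The socket is only opened on the first request."""
    ctx = hardened_context() if ctx is None else ctx
    problems = audit_context(ctx)
    if problems:
        raise ValueError("refusing to connect with weak TLS settings: " + "; ".join(problems))
    return http.client.HTTPSConnection(host, port, context=ctx, timeout=timeout)


if __name__ == "__main__":
    for name, builder in (("legacy", legacy_context), ("hardened", hardened_context)):
        print(name, audit_context(builder()) or ["no findings"])
    try:
        connect("swift.example.invalid", ctx=legacy_context())
    except ValueError as exc:
        print(exc)
```

The audit is the part worth keeping regardless of which solution the meeting picks: whether the validation code is custom or comes from the requests module, a one-line check that `verify_mode` is `CERT_REQUIRED`, `check_hostname` is set and `OP_NO_COMPRESSION` is present turns the "getting it wrong does not fail with obvious errors" concern into an obvious error at startup.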