Uploaded image for project: 'C# Driver'
  1. C# Driver
  2. CSHARP-3692

Backport disabling of certificate revocation checking by default

    • Type: Icon: Improvement Improvement
    • Resolution: Won't Fix
    • Priority: Icon: Unknown Unknown
    • None
    • Affects Version/s: None
    • Component/s: Configuration, Security
    • None

      It's a continuing problem for users that older driver releases default to enabling of certificate revocation checking by default.

      This ticket is intended to track the work to backport the change made in the 2.7.0 release in scope of CSHARP-2279 to earlier releases of the driver.

      While it's unusual to change defaults like this in a patch release, especially around security, in practice this might be the least of evils, as it's causing continuing pain whenever LetsEncrypt has an outage. As of today, LetsEncrypt has had 21 service disruptions YTD.

      One open question is how many releases to backport the change to. The setting, defaulting to true, was introduced all the way back in the 1.8 release (9 years ago)

            Assignee:
            rachelle.palmer@mongodb.com Rachelle Palmer
            Reporter:
            jeff.yemin@mongodb.com Jeffrey Yemin
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: