-
Type:
Improvement
-
Resolution: Won't Fix
-
Priority:
Major - P3
-
None
-
Affects Version/s: None
-
Component/s: Replication, Security
-
None
-
Environment:All platforms
Authentication should only occur over secure channels. Support for SSL/TLS communication should be added for authentication.
This form of authentication should include client certificate authentication for the purpose of mutually authenticating replication partners. Even with anti-replay nonce values and encrypted "keys" clear text authentication will be vulnerable to man-in-the middle attacks.
- is depended on by
-
SERVER-4319 MongoDB Authentication related queries/issues
-
- Closed
-
- is duplicated by
-
-
- Closed
-