Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-6746

Authentication should only occur over secure channels

    • Type: Icon: Improvement Improvement
    • Resolution: Won't Fix
    • Priority: Icon: Major - P3 Major - P3
    • None
    • Affects Version/s: None
    • Component/s: Replication, Security
    • None
    • Environment:
      All platforms

      Authentication should only occur over secure channels. Support for SSL/TLS communication should be added for authentication.

      This form of authentication should include client certificate authentication for the purpose of mutually authenticating replication partners. Even with anti-replay nonce values and encrypted "keys" clear text authentication will be vulnerable to man-in-the middle attacks.

            Assignee:
            schwerin@mongodb.com Andy Schwerin
            Reporter:
            mark Mark porter
            Votes:
            1 Vote for this issue
            Watchers:
            6 Start watching this issue

              Created:
              Updated:
              Resolved: