You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The reporter notes that Your package uses the Perl module HTTP::Tiny, but it does not force
the verify_SSL attribute to a true value. ... I believe that the encryption of a transmission has no value when
talking to the wrong person.
While you document in Search::Elasticsearch::Cxn::HTTPTiny how to turn on remote host verification, would you consider switching the default to always verify https connections (and perhaps giving your user the option to turn verification back off should this really be needed)?
The text was updated successfully, but these errors were encountered:
I'm forwarding Debian bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954111
The reporter notes that Your package uses the Perl module HTTP::Tiny, but it does not force
the verify_SSL attribute to a true value. ... I believe that the encryption of a transmission has no value when
talking to the wrong person.
While you document in Search::Elasticsearch::Cxn::HTTPTiny how to turn on remote host verification, would you consider switching the default to always verify https connections (and perhaps giving your user the option to turn verification back off should this really be needed)?
The text was updated successfully, but these errors were encountered: