FingerprintTrustManagerFactory javadoc note cryptic #5173
Comments
|
It only checks the fingerprint. It does not traverse the certificate chain at all. Theoretically, there's a chance where an attacker can forge a certificate with identical fingerprint, although it's not going to be very easy. I agree that it needs better documentation though. Would you be interested in sending us a PR? |
|
Ah ok, it makes sense to point that out. Will make a PR to improve docs. |
|
Thanks a lot, @CodingFabian ! |
|
@CodingFabian any progress here ? |
|
woops, forgot. coming |
CodingFabian
added a commit
to CodingFabian/netty
that referenced
this issue
May 2, 2016
…y javadoc Motivation: The current note reads as if this class is dangerous and advises the reader to "understand what this class does". Modifications: Rewrite the Javadoc note to describe what fingerprint checks are and what problems remain. Result: Clearer description which no longer causes the impression this class is dangerous.
|
Fixed by #5195 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
the javadoc says:
"Never use this {@link TrustManagerFactory} in production unless you are sure exactly what you are doing with it."
I was actually sure that in order to prevent MITM attacks, I want to pin the serverside certificates to a list of well known fingerprints. I do not want to accept other certificates.
So I think I know what I am doing, but this note made me feel uneasy. Why is it formulated so strongly? Why is it not explaining what "this TrustmanagerFactory" actually does?
I am currently trying to figure out if there is an unintentional side effect, but can't find it :-)
The text was updated successfully, but these errors were encountered: