You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The SeattleGENI XMLRPC Client Library (https://seattle.cs.washington.edu/wiki/SeattleGeniClientLib) currently talks to our XMLRPC frontend server over HTTPS (SSL), but does not validate nor check the server's SSL certificate. This is very insecure, as it allows for man-in-the-middle attacks via self-signed certs.
A possible solution would be to use a 3rd-party package, such as M2Crypto to handle SSL certificate checking. Or, python 2.6+ also supports SSL cert verification. The tricky part will be finding where SSL root certs exist on the system; in order to verify the cert chain.
The text was updated successfully, but these errors were encountered:
The SeattleGENI XMLRPC Client Library (https://seattle.cs.washington.edu/wiki/SeattleGeniClientLib) currently talks to our XMLRPC frontend server over HTTPS (SSL), but does not validate nor check the server's SSL certificate. This is very insecure, as it allows for man-in-the-middle attacks via self-signed certs.
A possible solution would be to use a 3rd-party package, such as M2Crypto to handle SSL certificate checking. Or, python 2.6+ also supports SSL cert verification. The tricky part will be finding where SSL root certs exist on the system; in order to verify the cert chain.
The text was updated successfully, but these errors were encountered: