[OPNFLWPLUG-485] Address various encryption related CVEs and RFCs - OpenDaylight JIRA

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Resolution: Done
Affects Version/s: None
Fix Version/s: None
Component/s: General
Labels:
None
Environment:

Operating System: All
Platform: All

External issue ID:
3585

Description

Openflow plugin uses TLS without restricting the cipher list to eliminate various ciphers which have been found vulnerable:

RC4 - RFC 7465
Export ciphers - LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks CVE-2015-4000

This is presently being worked on the controller project as bugs 3351, 3352, 3353.

3352 should provide the relevant configuration mechanisms and utility classes for other projects to use to configure ciphers for native (not http) tls correctly.

Attachments

Issue Links

is blocked by

CONTROLLER-1354 [SECURITY] LOGJAM: TLS connections which support export grade DHE key-exchange are vulnerable to MITM attacks CVE-2015-4000

Resolved

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews
- Show All Issues
- Show Open Issues

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Unassigned

Reporter:: Anton Ivanov

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 04/Jun/15 4:02 PM

Updated:: 27/Sep/21 9:01 AM

Resolved:: 09/Sep/15 1:56 PM