Uploaded image for project: 'JGroups'
  1. JGroups
  2. JGRP-2273

ASYM_ENCRYPT: deprecate encrypt_entire_message

    XMLWordPrintable

Details

    • Enhancement
    • Resolution: Done
    • Major
    • 4.1.3
    • None
    • None

    Description

      In ASYM_ENCRYPT, encrypt_entire_message encrypts not only the payload, but also metadata such as destination and sender's address, headers and flags.

      The rationale was to prevent replay attacks. However, this is not an issue, as replayed messages will simply get dropped by the retransmission layer (e.g. NAKACK2 or UNICAST3).

      If people still want this feature, they can write a protocol above ASYM_ENCRYPT, which serializes the entire message into the payload of a new message, and this would be exactly the same as setting encrypt_entire_message to true.

      Attachments

        Issue Links

          is related to

          Bug - A problem that impairs or prevents the functions of the product. JBEAP-19681 JBoss EAP 7.2 Configuration Guide References Deprecated Property

          • Minor - To be worked after urgent, high, and medium priorities are resolved. This term is chosen when the severity of the issue is low, or the complexity or effort to correct it may be higher, relatively speaking. For low priority issues, known workarounds exist or are not needed due to the trivial effort needed to address the issue.
          • Pull Request Sent

          Activity

            People

              rhn-engineering-bban Bela Ban
              rhn-engineering-bban Bela Ban
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: