Project

General

Profile

Bug #473

TSIG security downgraded

Added by Marc Dequènes about 4 years ago. Updated about 2 years ago.

Status:
Resolved
Priority:
High
Category:
Service :: DNS
Start date:
2015-08-03
Due date:
% Done:

100%

Estimated time:
Patch Available:
Confirmed:
No
Branch:
Entity:
DuckCorp
Security:
Yes
Help Needed:

Description

Hivane decided to use another DNS server which is not capable of high ciphers yet.

Pilou confirmed the new cipher is acceptable but it is the minimum acceptable by ANSSI so I don't feel comfortable with it. We need to switch back to higher security as soon as possible.

History

#1

Updated by Pierre-Louis Bonicoli almost 4 years ago

  • Description updated (diff)
#2

Updated by Marc Dequènes over 2 years ago

  • Status changed from New to Blocked

New version of the software with stronger ciphers will be available in Debian Stretch.

#3

Updated by Marc Dequènes about 2 years ago

Pinged Titoon about it now that Stretch is out.

#4

Updated by Marc Dequènes about 2 years ago

  • Assignee set to Marc Dequènes
#5

Updated by Marc Dequènes about 2 years ago

  • Status changed from Blocked to Resolved
  • % Done changed from 0 to 100

Hivane upgraded and we switched back to the previous higher grade keys with Titoon.

Also available in: Atom PDF