Project

General

Profile

Actions

Bug #9907

closed

Do not show incompatible ECDSA certs for DNS Resolver

Added by Viktor Gurov over 4 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
DNS Resolver
Target version:
Start date:
11/16/2019
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.5.0
Affected Architecture:

Description

Do not show incompatible ECDSA certs for DNS Resolver
It is difficult to find EC curves supported by each DNS implementation, so
It’s better to use the “safe list” of curves anyway

same as https://redmine.pfsense.org/issues/9897

p.s. 1.1.1.1 and 9.9.9.9 uses secp256r1

https://github.com/pfsense/pfsense/pull/4115

Actions #1

Updated by Jim Pingle over 4 years ago

  • Status changed from New to Pull Request Review
  • Assignee set to Jim Pingle
  • Target version set to 2.5.0
Actions #2

Updated by Renato Botelho over 4 years ago

  • Status changed from Pull Request Review to Feedback
  • % Done changed from 0 to 100

PR has been merged. Thanks!

Actions #3

Updated by Viktor Gurov about 4 years ago

Renato Botelho wrote:

PR has been merged. Thanks!

Tested on pfSense 2.5.0.a.20191217.2217

Resolved

Actions #4

Updated by Jim Pingle about 4 years ago

  • Status changed from Feedback to Resolved
Actions #5

Updated by Jim Pingle over 3 years ago

  • Tracker changed from Feature to Bug
  • Subject changed from do not show incompatible ECDSA certs for DNS Resolver to Do not show incompatible ECDSA certs for DNS Resolver
  • Affected Version set to 2.5.0
Actions

Also available in: Atom PDF