Project

General

Profile

Bug #9907

Do not show incompatible ECDSA certs for DNS Resolver

Added by Viktor Gurov over 1 year ago. Updated 6 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
DNS Resolver
Target version:
Start date:
11/16/2019
Due date:
% Done:

100%

Estimated time:
Affected Version:
2.5.0
Affected Architecture:
Release Notes:
Default

Description

Do not show incompatible ECDSA certs for DNS Resolver
It is difficult to find EC curves supported by each DNS implementation, so
It’s better to use the “safe list” of curves anyway

same as https://redmine.pfsense.org/issues/9897

p.s. 1.1.1.1 and 9.9.9.9 uses secp256r1

https://github.com/pfsense/pfsense/pull/4115

History

#1 Updated by Jim Pingle over 1 year ago

  • Status changed from New to Pull Request Review
  • Assignee set to Jim Pingle
  • Target version set to 2.5.0

#2 Updated by Renato Botelho over 1 year ago

  • Status changed from Pull Request Review to Feedback
  • % Done changed from 0 to 100

PR has been merged. Thanks!

#3 Updated by Viktor Gurov over 1 year ago

Renato Botelho wrote:

PR has been merged. Thanks!

Tested on pfSense 2.5.0.a.20191217.2217

Resolved

#4 Updated by Jim Pingle over 1 year ago

  • Status changed from Feedback to Resolved

#5 Updated by Jim Pingle 6 months ago

  • Tracker changed from Feature to Bug
  • Subject changed from do not show incompatible ECDSA certs for DNS Resolver to Do not show incompatible ECDSA certs for DNS Resolver
  • Affected Version set to 2.5.0

Also available in: Atom PDF