Project

General

Profile

Feature #9907

do not show incompatible ECDSA certs for DNS Resolver

Added by Viktor Gurov 3 months ago. Updated 2 months ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
DNS Resolver
Target version:
Start date:
11/16/2019
Due date:
% Done:

100%

Estimated time:

Description

Do not show incompatible ECDSA certs for DNS Resolver
It is difficult to find EC curves supported by each DNS implementation, so
It’s better to use the “safe list” of curves anyway

same as https://redmine.pfsense.org/issues/9897

p.s. 1.1.1.1 and 9.9.9.9 uses secp256r1

https://github.com/pfsense/pfsense/pull/4115

History

#1 Updated by Jim Pingle 3 months ago

  • Status changed from New to Pull Request Review
  • Assignee set to Jim Pingle
  • Target version set to 2.5.0

#2 Updated by Renato Botelho 2 months ago

  • Status changed from Pull Request Review to Feedback
  • % Done changed from 0 to 100

PR has been merged. Thanks!

#3 Updated by Viktor Gurov 2 months ago

Renato Botelho wrote:

PR has been merged. Thanks!

Tested on pfSense 2.5.0.a.20191217.2217

Resolved

#4 Updated by Jim Pingle 2 months ago

  • Status changed from Feedback to Resolved

Also available in: Atom PDF