Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
-
None
Description
In cryptography legislation, it is a common thing to restrict the available cryptography method to a set of compliant implementations, like algorithms cyphers hashes etc.
This umbrella JIRA is created to collect all the places where we have an already configurable cryptography method related configuration, and define common whitelists of methods for these configuration options.
The suggested default value is the wildcard character (*), so it conveniently marks that any implementation is allowed to be chosen.
With this approach, in an environment where compliance is required, there is a possibility to restrict the valid configuration values to the compliant ones.
The scope of this work is restricted to the currently existing configuration options, with that have a basic understanding of how these configs will look like.
The suggested prefix for these whitelists is "ozone.crypto.allowed." and we can use this as a general definition for different methods as a start.