[NIFI-1525] Audit use of private keys throughout application - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Information Provided
Affects Version/s: 0.5.0
Fix Version/s: None
Component/s: Core Framework
Labels:
- keys
- security

Description

Throughout the application, private keys are used for authentication and encryption in a number of scenarios. These uses are handled independently and sometimes inconsistently.

Identify any outstanding issues with the use and protection of private keys (lack of enforcement of passphrases, etc.) and possibly provide a consumable framework service to handle this task to deduplicate effort/code and provide a consistent experience.

Attachments

Issue Links

Is contained by

NIFI-5458 Improve NiFi TLS and certificate management

Resolved

is related to

NIFI-1415 FetchSFTP should not require password or private key passphrase

Resolved

NIFI-1252 The FetchSFTP processor has inconsistent behavior when using public/private keys for login

Resolved

NIFI-1478 Audit SSLContextFactory and SSLSocketFactory usage throughout application

Resolved

NIFI-1277 Audit current use of cryptography throughout application

Resolved

Activity

People

Assignee:: Andy LoPresto

Reporter:: Andy LoPresto

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 17/Feb/16 18:36

Updated:: 28/Sep/21 16:25

Resolved:: 28/Sep/21 16:25