[Issue 4002] New - Proxy credentials should be strongly encrypted

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[Issue 4002] New - Proxy credentials should be strongly encrypted

rcsilva83
https://hudson.dev.java.net/issues/show_bug.cgi?id=4002
                 Issue #|4002
                 Summary|Proxy credentials should be strongly encrypted
               Component|hudson
                 Version|current
                Platform|All
              OS/Version|All
                     URL|
                  Status|NEW
       Status whiteboard|
                Keywords|
              Resolution|
              Issue type|ENHANCEMENT
                Priority|P3
            Subcomponent|core
             Assigned to|issues@hudson
             Reported by|rcsilva83






------- Additional comments from [hidden email] Thu Jul  9 11:54:57 +0000 2009 -------
Proxy authentication credentials today are weakly encrypted, so anybody can
reverse engineering to view the proxy's password. This problem appears to user
as in the issue #4000. So, to avoid such security flaws, it should have an
option encrypt password with a "Master Password" (like Firefox does).

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]