crypto/tls: mention in the InsecureSkipVerify docs that it's ok to use with Verify callbacks #39074
Comments
|
Also, would it make sense for the That way, the This could be similar to how the user can specify client certificates. They can either provide them upfront with the Similarly, we currently have |
ALTree
added
NeedsInvestigation
|
Ah, yes, the docs should be a little less categorical. If you set VerifyPeerCertificate you are fine to set InsecureSkipVerify (but should still be careful because you are without a parachute if your VerifyPeerCertificate is wrong). Once you need to customize verification, there are too many different needs, so I prefer not to add a callback for each of them. Instead, in Go 1.15 we are adding an easier to use VerifyConnection callback (#36736). I'll drop in an example of how changing name verification is pretty easy with it. |
FiloSottile
changed the title
|
Change https://golang.org/cl/239746 mentions this issue: |
Hi Go team,
Our teams(security team and gRPC-Go team) are working on a project that might need to set the field 'InsecureSkipVerify' to true to enable 'VerfiyPeerCertificate' in tls.config. However, according to the comments,
we are a bit hesitant to set
InsecureSkipVerifyto true, since it is going to be used in production code. So my questions are:if we set
InsecureSkipVerifyto true but provide proper endpoint verification mechanisms other than the default hostname check, can it be used in the real environment?If the answer to the first question is "yes", can we improve the comments a little bit? If that's the case, "used only for testing" might be a bit misleading.
Thank you so much for the help!
@FiloSottile
The text was updated successfully, but these errors were encountered: