-
Improvement
-
Resolution: Unresolved
-
Minor
-
None
-
4.0
-
MOODLE_400_STABLE
This was create by MDL-73517, when it was detected the we are using RC4 as cypher method for MNet encryption. From the original issue:
2) Create another issue, about to consider moving the "RC4" default to a better one, surely including init vector too.
Note that, in practice... 2) is not critical as far as now all sites run over SSL, hence, data is double encrypted, once by the MNet RC4 implementation, not ideal, and another by the http SSL layer (usually safer).
Also, this needs to be done in a "BC way" so old sites (still using RC4 unconditionally) are able to talk with newer sites using another, better, cypher. That, or explicitly warn that, when this is implemented, older sites won't be able to talk with new ones anymore.
- blocks
-
MDL-81669 Upgrade phpxmlrpc to the 4.11.1
-
- Waiting for integration review
-
- Discovered while testing
-
MDL-73517 openssl_seal() and openssl_open() method param is now required
-
- Closed
-
-
MDLQA-18973 CLONE - A student can export data to Mahara
-
- Passed
-
- has been marked as being related by
-
MDL-83435 Remove MNET-related plugins
-
- Open
-
- is duplicated by
-
MDL-84033 Unable to set up peer-to-peer networking using MNet
-
- Closed
-