Turn off TLS by default and add option to turn it on #3465

Closed
greg-szabo opened this issue Feb 1, 2019 · 0 comments · Fixed by #3492

Summary of Bug

Self-signed certificates are making people believe that the communication is secure. That is not the case.

In dev cases, self-signed certificates are a good way to mock security so the developer can see how things will work together. But in any decent prod scenario, those certificates need to be replaced with trusted certificates. (Customer will not trust your self-signed certificate.) And in our case, devs don't need TLS in dev scenarios.

To top that, in any decent prod scenario, header checks, CORS settings and other juicy HTTP-based protocols will be implemented that gaiacli lacks. So, the --insecure flag will be used by default and an additional TLS layer of infrastructure will be built on top of it (nginx, ELB or other solutions). Those solutions have the option to automatically maintain the certificates too (Let's Encrypt, ACM, etc.) while gaiacli cannot provide that either.

With all that said, the self-signed certificates and TLS in gaiacli turn out to have more disadvantages than benefits.

Don't get me wrong, I also hate to throw away code. So as a compromise, I propose we set gaiacli to HTTP by default and add a --tls flag (or --secure or whatever) instead to turn on TLS.

Steps to Reproduce

gaiacli --insecure -> gaiacli --tls


For Admin Use

  • Not duplicate issue
  • Appropriate labels applied
  • Appropriate contributors tagged
  • Contributor assigned/self-assigned
alessio pushed a commit that referenced this issue Feb 1, 2019
- `--insecure` flag is removed.
- `--tls` is now used to enable secure layer.

Closes: #3465
alessio self-assigned this Feb 1, 2019
alessio pushed a commit that referenced this issue Feb 4, 2019