From 246aee906196de28a07d413b7bc00196372f0351 Mon Sep 17 00:00:00 2001 From: Valentin Lorentz Date: Wed, 24 Feb 2016 17:25:09 +0100 Subject: [PATCH] Add basic doc on SSL cert validation. --- use/index.rst | 1 + use/security.rst | 53 ++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) create mode 100644 use/security.rst diff --git a/use/index.rst b/use/index.rst index 8739681..06c365c 100644 --- a/use/index.rst +++ b/use/index.rst @@ -12,6 +12,7 @@ The Supybot user guide configuration.rst identifying_to_services.rst capabilities.rst + security.rst faq.rst httpserver.rst supybot-botchk.rst diff --git a/use/security.rst b/use/security.rst new file mode 100644 index 0000000..5c3a633 --- /dev/null +++ b/use/security.rst @@ -0,0 +1,53 @@ +******************** +Security in Limnoria +******************** + +Trust in network operators +========================== + +to do + + +.. _security-ssl: + +Network connections / SSL +========================= + +Background on SSL certification validation +------------------------------------------ + +to do + +Certificate validation in Limnoria +---------------------------------- + +Until version 2016.02.24, Limnoria did not support certificate validation. +Starting from this version, it is possible, but disabled by default, in order +to not break existing bot when updating. + +Certificate validation can be enabled using this command:: + + @config supybot.protocols.ssl.verifyCertificates true + +Available validation mechanisms are Certification Authorities and +fingerprint checking. + +Certificate Authorities +----------------------- + +to do + +Fingerprint checking +-------------------- + +to do + +.. _ssl-python-versions: + +Supported python versions +------------------------- + +Fingerprint checking is available in all Python versions. + +CA validation is available in Python 2, starting on 2.7.9; and +Python 3, starting on 3.4.