Changes between Initial Version and Version 1 of Ticket #13, comment 5
- Timestamp:
- 01/03/13 00:21:27 (11 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #13, comment 5
initial v1 7 7 * the network between the nginx proxy and the origin server is not trusted. In this case, an untrusted machine could MITM the connection between the proxy and the origin server, and do so undetectably. 8 8 9 So it seems to me like nginx should either remove the capability to do https connections to the origin server when acting as a proxy, or it should enable proper certificate verificationfor these connections.9 So it seems to me like nginx should either remove the capability to do https connections to the origin server when acting as a proxy, or it should enable proper verification of the origin server's identity for these connections. 10 10 11 11 Has this been issued a CVE yet?
