honeymoose/OpenSearch
1
0
Fork 0
mirror of https://github.com/honeymoose/OpenSearch.git synced 2025-02-05 20:48:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack
History
Ioannis Kakavas e0331e2a0f
Remove limitation for SAML encryption in FIPS mode (#48948) (#49019) 
Our documentation regarding FIPS 140 claimed that when using SAML
in a JVM that is configured in FIPS approved only mode, one could
not use encrypted assertions. This stemmed from a wrong
understanding regarding the compliance of RSA-OAEP which is used
as the key wrapping algorithm for encrypting the key with which the
SAML Assertion is encrypted.

However, as stated for instance in
https://downloads.bouncycastle.org/fips-java/BC-FJA-SecurityPolicy-1.0.0.pdf
RSA-OAEP is approved for key transport, so this limitation is not
effective.

This change removes the limitation from our FIPS 140 related
documentation.
2019-11-13 12:10:01 +02:00
..
dev-tools
Build: Merge xpack checkstyle config into core (#33399)
2018-09-05 09:17:02 -04:00
docs
Remove limitation for SAML encryption in FIPS mode (#48948) (#49019)
2019-11-13 12:10:01 +02:00
license-tools
[Backport] Remove dependency substitutions 7.x (#42866)
2019-06-04 13:50:23 -07:00
plugin
Ensure parameters are updated when merging flattened mappings. (#48971) (#49014)
2019-11-12 21:50:39 -05:00
qa
[7.x] Mute FullClusterRestartTest#testWatcher and 30s timeout… (#48850)
2019-11-11 09:38:14 -06:00
snapshot-tool
[7.x] Introduce type-safe and consistent pattern for handling build globals (#48818)
2019-11-01 11:33:11 -07:00
test
Document SAML APIs (#45105) (#47909)
2019-10-11 16:34:11 +03:00
transport-client
[Backport] Remove dependency substitutions 7.x (#42866)
2019-06-04 13:50:23 -07:00
build.gradle
[Backport] Remove dependency substitutions 7.x (#42866)
2019-06-04 13:50:23 -07:00
NOTICE.txt
README.md

README.md

Elastic License Functionality

This directory tree contains files subject to the Elastic License. The files subject to the Elastic License are grouped in this directory to clearly separate them from files licensed under the Apache License 2.0.