I was hoping the security enhancements would include SSL certificate validation. Anyone know why they don't do that, or how a user should approach that limitation?
We'll be moving away from MongoDB because it doesn't support certificate validation. What is the point of SSL connections if you don't validate the certificate? It seems that you get all the drawbacks of encryption (overhead, throughput) with none of the benefits (security).
