[jira] [Commented] (CASSANDRA-8265) Disable SSLv3 for POODLE

Jeremiah Jordan (JIRA) Thu, 06 Nov 2014 07:37:08 -0800

    [ 
https://issues.apache.org/jira/browse/CASSANDRA-8265?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14200335#comment-14200335
 ]


Jeremiah Jordan commented on CASSANDRA-8265:
--------------------------------------------

We already let people specify the "protocol" in cassandra.yaml to force TLS, 
but we default it to be commented out.  Should we default to having protocol 
uncommented?

> Disable SSLv3 for POODLE
> ------------------------
>
>                 Key: CASSANDRA-8265
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-8265
>             Project: Cassandra
>          Issue Type: Bug
>            Reporter: Jeremiah Jordan
>
> We should probably disable SSLv3.
> http://www.oracle.com/technetwork/java/javase/documentation/cve-2014-3566-2342133.html



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CASSANDRA-8265) Disable SSLv3 for POODLE

Reply via email to