[jira] [Commented] (CASSANDRA-13325) Bring back the accepted encryption protocols list as configurable option

Tue, 14 Mar 2017 01:56:55 -0700 

    [ 
https://issues.apache.org/jira/browse/CASSANDRA-13325?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15923812#comment-15923812
 ] 

Stefan Podkowinski commented on CASSANDRA-13325:
------------------------------------------------

bq. But a malicious client might force TLSv1.0 which is susceptible to POODLE 
attacks.

Are you talking about a potential downgrade attack here or clients that are 
created to connect specifically through TLSv1.0? Do you have any source for 
claiming TLS 1.0 on the JVM is vulnerable to POODLE attacks? 

bq. At the moment only way to restrict the encryption protocol is using the 
jdk.tls.client.protocols systems property. If I dont have enough access to 
modify this property, I dont have any way of restricting the encryption 
protocols.

System properties for Cassandra can either be specified in the {{jvm.options}} 
file or {{JVM_OPTS}} environment variable. If you don't have enough access to 
{{cassandra.yaml}}, you wouldn't be able to change it either, so I don't see 
the point here.


> Bring back the accepted encryption protocols list as configurable option
> ------------------------------------------------------------------------
>
>                 Key: CASSANDRA-13325
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-13325
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Configuration
>            Reporter: Nachiket Patil
>            Priority: Minor
>
> With CASSANDRA-10508, the hard coded list of accepted encryption protocols 
> was eliminated. For some use cases, it is necessary to restrict the 
> encryption protocols used for communication between client and server. 
> Default JVM way of negotiations allows the best encryption protocol that 
> client can use. 
> e.g. I have set Cassandra to use encryption. Ideally client and server 
> negotiate to use best protocol (TLSv1.2). But a malicious client might force 
> TLSv1.0 which is susceptible to POODLE attacks.
> At the moment only way to restrict the encryption protocol is using the 
> {{jdk.tls.client.protocols}} systems property. If I dont have enough access 
> to modify this property, I dont have any way of restricting the encryption 
> protocols.
> I am proposing bring back the accepted_protocols property but make it 
> configurable. If not specified, let the JVM take care of the TLS negotiations.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to