[ 
https://issues.apache.org/jira/browse/CASSANDRA-13259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16362438#comment-16362438
 ] 

Jason Brown commented on CASSANDRA-13259:
-----------------------------------------

On the whole, +1. {{SunX509}} still appears in the yaml, under 
{{server_encryption_options}} and {{client_encryption_options}}. I'm not sure 
what the best thing to do here is. We could:

- remove the {{algorithm}} property altogether from the yaml - yet leave it in 
the {{EncryptionOptions}} in case somebody actually has a custom algo 
implmentation (highly doubtful, but it costs us nothing to keep it)
- remove {{SunX509}} as the value of the property, although this might confuse 
an operator to see an empty prop value and they may try to shove something in 
the attempt to make it happy (even though they don't need it)
- replace {{SunX509}} with whatever the new default algo name is (I couldn't 
find it with a naive, 30 second search), although this may, at some distant 
future date, get us into the same situation we are in now.

I'm mildly in favor of the first option. wdyt?

> Use platform specific X.509 default algorithm
> ---------------------------------------------
>
>                 Key: CASSANDRA-13259
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-13259
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Configuration
>            Reporter: Stefan Podkowinski
>            Assignee: Stefan Podkowinski
>            Priority: Minor
>             Fix For: 4.x
>
>
> We should replace the hardcoded "SunX509" default algorithm and use the JRE 
> default instead. This implementation will currently not work on less popular 
> platforms (e.g. IBM) and won't get any further updates.
> See also:
> https://bugs.openjdk.java.net/browse/JDK-8169745



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to