[
https://issues.apache.org/jira/browse/CASSANDRA-21007?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Brad Schoening updated CASSANDRA-21007:
---------------------------------------
Impacts: Security (was: None)
> cassandra-stress defaults to deprecated TLS 1.2 cipher suite
> ------------------------------------------------------------
>
> Key: CASSANDRA-21007
> URL: https://issues.apache.org/jira/browse/CASSANDRA-21007
> Project: Apache Cassandra
> Issue Type: Improvement
> Components: Tool/stress
> Reporter: Brad Schoening
> Priority: Normal
>
> From what I understand, this cipher is not compatible with TLS 1.3's
> handshake mechanism as it lacks Perfect Forward Security (PFS).
> {code:java}
> final OptionSimple ciphers = new OptionSimple("ssl-ciphers=", ".*",
> "TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA", "SSL: comma
> delimited list of encryption suites to use", false);
> {code}
> [stress/settings/SettingsTransport.java|https://github.com/apache/cassandra/blob/cassandra-4.1/tools/stress/src/org/apache/cassandra/stress/settings/SettingsTransport.java#L80]
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
