nodece edited a comment on pull request #13740: URL: https://github.com/apache/pulsar/pull/13740#issuecomment-1053808043
> My question now is: is Conscript more secure? In this case I prefer it as default as we mostly care about production for security. > Security is better then being user friendly with people on old systems. Maybe Conscrypt is more secure with JDK 11 in production OS such as CentOS, Debian, etc., but we can't just consider the production environment. Software compatibility is more important than security. For example, some users want to test Pulsar with TLS in Win 7/8 or macOS 11.5.2, the Conscript cannot work, but the use JDK provider is working. > If Conscript as default, it is looks does not add value then I am fine to change the default I prefer to use the JDK provider as default, you can also see that there has been feedback from the issue. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
