michaeljmarshall opened a new pull request, #20268: URL: https://github.com/apache/pulsar/pull/20268
PIP: This will require a PIP. It is a draft for now while I get tests passing. ### Motivation It is recommended to use hostname verification in most use cases for TLS. In order to have more secure defaults, I propose that we enable TLS hostname verification by default. This change will not affect any users that do not have TLS enabled. It will only be a breaking change for users that want to use TLS with hostname verification disabled. ### Modifications * Update all clients to enable hostname verification by default. ### Verifying this change This is a trivial change from a configuration perspective. I expect many tests will fail though, so those will also verify the changes. ### Does this pull request potentially affect one of the following parts: - [x] The default values of configurations ### Documentation - [x] `doc-required` ### Matching PR in forked repository PR in forked repository: https://github.com/michaeljmarshall/pulsar/pull/44 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
