Based on what has been discussed so far, especially the fact that
jclouds inherits and does not change the SSL configuration in the vast
majority of cases, I am going to close the vote as having passed by
lazy majority.
To help users understand the issues around POODLE, I'll try to put
together a short blog post for review later asap, which will be
referenced in the release notes. For users of the two labs providers
(Azure Compute and FGCP) where jclouds *does* mess with SSL settings,
I'll try to describe available workarounds in the blog (since this
affects users of *all* jclouds versions, not just 1.8.1).
If it turns out that we need to get 1.8.2 out asap on the heels of
this, I'll happily volunteer to handle that release. If we can come up
with an approach to deal with JCLOUDS-753 that we think is reasonably
nice - rather than just a quick band-aid - all the better. It would be
great to see improvements to the current "band-aidy" PR [1] for this!
Regards
ap
[1] https://github.com/jclouds/jclouds/pull/575
