[
https://issues.apache.org/jira/browse/NUTCH-1676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Markus Jelsma updated NUTCH-1676:
---------------------------------
Attachment: NUTCH-1676.patch
I think that is fine, i haven't seen any server not supporting any TLS. The
worst is SSLv2 and TLSv1 so there's always TLS. But in general we don't care
about security because a lot crawls are public. If we default to TLS but make
it configurable, then users can also do secure crawls. If users want to do
secure crawls, they probably want to configure cipher suites as well.
Here's a patch making protocols and cipher suites configurable via lib-http.
The default cipher suite list is decent enough, it has non export and anon
suites. One could argue we'd remove the RC4 suites as well. Best are on top
anyway.
> Add rudimentary SSL support to protocol-http
> --------------------------------------------
>
> Key: NUTCH-1676
> URL: https://issues.apache.org/jira/browse/NUTCH-1676
> Project: Nutch
> Issue Type: Improvement
> Components: protocol
> Affects Versions: 1.7
> Reporter: Julien Nioche
> Fix For: 1.8
>
> Attachments: NUTCH-1676.patch, NUTCH-1676.patch
>
>
> Adding https support to our http protocol would be a good thing even if it
> does not handle the security. This would save us from having to use the
> http-client plugin which is buggy in its current form.
> Patch generated from
> https://github.com/Aloisius/nutch/commit/d3e15a1db0eb323ccdcf5ad69a3d3a01ec65762c#commitcomment-4720772
> Needs testing...
--
This message was sent by Atlassian JIRA
(v6.1.4#6159)
