[
https://issues.apache.org/jira/browse/TINKERPOP-2023?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16586280#comment-16586280
]
ASF GitHub Bot commented on TINKERPOP-2023:
-------------------------------------------
Github user robertdale commented on the issue:
https://github.com/apache/tinkerpop/pull/912
@k4rthikr That's a little deeper than I want to get into. `sslCipherSuites`
provides a whitelist. Whitelists are always preferred over blacklists. If this
one were blacklisted, there are probably 10 others that were missed. I also
don't want to imply that these are managed and updated by us. There are just
too many and changes more often than say TLS protocol version. IMO, the scope
of this work was to set reasonable defaults that made Gremlin Server+Client
more secure and raise awareness to the user. It will be up to the user to use
good ciphers, good key lengths, etc.
> Gremlin Server should not create self-signed certs
> --------------------------------------------------
>
> Key: TINKERPOP-2023
> URL: https://issues.apache.org/jira/browse/TINKERPOP-2023
> Project: TinkerPop
> Issue Type: Improvement
> Components: server
> Affects Versions: 3.2.9
> Reporter: Robert Dale
> Assignee: Robert Dale
> Priority: Minor
> Labels: breaking, deprecation
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
