tabish121 commented on PR #21: URL: https://github.com/apache/activemq-nms-openwire/pull/21#issuecomment-1122793883
For any new releases then for these SSL options I'd agree with others that the default should be moved to the recommended SslProtocols.None value which is the established recommend default from MS. There is some small chance that this setting won't work on some Windows platforms if explicitly disabled (see the [code](https://referencesource.microsoft.com/#System/net/System/Net/SecureProtocols/_SslState.cs,164)). This is very probably rare so you could just catch an exception and fail the connection or you could also attempt a fallback if you wanted to be thorough. Whomever is managing the release should test it out when changed of course (not me) though there's probably little worry of breaking older code when updating configuration to choose unless someone is highly coupled to using insecure TLS versions which I don't think is a driver for this discussion as this change is probably going to benefit more folks than it breaks. As long as it is configurable folks can always change it to whatever works in their environment. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
