[
https://issues.apache.org/jira/browse/HDFS-15824?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17280748#comment-17280748
]
Akira Ajisaka commented on HDFS-15824:
--------------------------------------
This repository is no longer maintained. [https://github.com/apache/hadoop-hdfs]
I asked ASF infra team to archive this (INFRA-21399).
> Update to enable TLS >=1.2 as default secure protocols
> -------------------------------------------------------
>
> Key: HDFS-15824
> URL: https://issues.apache.org/jira/browse/HDFS-15824
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: contrib/hdfsproxy
> Reporter: Vicky Zhang
> Priority: Major
>
> in file
> src/contrib/hdfsproxy/src/java/org/apache/hadoop/hdfsproxy/ProxyUtil.java,
> line 125, the SSL protocol is used in statement: SSLContext sc =
> SSLContext.getInstance("SSL");
> *Impact:*
> An SSL DDoS attack targets the SSL handshake protocol either by sending
> worthless data to the SSL server which will result in connection issues for
> legitimate users or by abusing the SSL handshake protocol itself.
> *Suggestions:*
> Upgrade the implementation to the “TLS”, and configure https.protocols JVM
> option to include TLSv1.2:
> *Useful links:*
> [https://blogs.oracle.com/java-platform-group/diagnosing-tls,-ssl,-and-https]
> [https://www.appmarq.com/public/tqi,1039002,CWE-319-Avoid-using-Deprecated-SSL-protocols-to-secure-connection]
> *Please share with us your opinions/comments if there is any:*
> Is the bug report helpful?
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
