[
https://issues.apache.org/jira/browse/HBASE-29212?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Istvan Toth updated HBASE-29212:
--------------------------------
Description:
Currently HBase is (artifically) limited to TLS 1.2, even if the JVM supports
TLS 1.3.
AFAICT all we need to do is sync is X509Util to the current ZooKeeper version.
There was a discussion on the original ZK PR about whether directly managing
the ciphers is a good idea, and while the consensus seemed to be that it isn't,
it was left in.
Maybe we should just drop that, and let the JVM version/settings do their
things.
was:
Currently HBase is (artifically) limited to TLS 1.2, even if the JVM supports
TLS 1.3.
AFAICT all we need to do is sync is X509Util to the current ZooKeeper version.
> Support TLS 1.3
> ---------------
>
> Key: HBASE-29212
> URL: https://issues.apache.org/jira/browse/HBASE-29212
> Project: HBase
> Issue Type: Improvement
> Components: encryption, security
> Reporter: Istvan Toth
> Priority: Major
>
> Currently HBase is (artifically) limited to TLS 1.2, even if the JVM supports
> TLS 1.3.
> AFAICT all we need to do is sync is X509Util to the current ZooKeeper version.
> There was a discussion on the original ZK PR about whether directly managing
> the ciphers is a good idea, and while the consensus seemed to be that it
> isn't, it was left in.
> Maybe we should just drop that, and let the JVM version/settings do their
> things.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
