[
https://issues.apache.org/jira/browse/KUDU-1874?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15879023#comment-15879023
]
Dan Burkert commented on KUDU-1874:
-----------------------------------
A flag to do this was added in
https://github.com/apache/kudu/commit/1140567010ffbb7522d7ceacc246fd0983d1e178.
It still defaults to TLSv1 across the board, but I don't think it's feasible
to change this.
> Require TLS 1.2
> ---------------
>
> Key: KUDU-1874
> URL: https://issues.apache.org/jira/browse/KUDU-1874
> Project: Kudu
> Issue Type: Improvement
> Components: rpc, security
> Affects Versions: 1.2.0
> Reporter: Dan Burkert
> Labels: security
>
> All supported platforms except for RHEL 6.4 and 6.5 support TLS 1.2. We
> should provide a flag on the server that disables TLS 1.0 and 1.1, and
> consider making it the default when running on non-legacy RHEL. TLS 1.2
> provides better ciphers (GCM modes) and protection against certain attacks
> (BEAST) over TLS 1.0.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
