[
https://issues.apache.org/jira/browse/KUDU-1921?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17396833#comment-17396833
]
ASF subversion and git services commented on KUDU-1921:
-------------------------------------------------------
Commit d65d75fb6473e1ce1db108758289456a71101690 in kudu's branch
refs/heads/master from Attila Bukor
[ https://gitbox.apache.org/repos/asf?p=kudu.git;h=d65d75f ]
[java] KUDU-1921 Add ability to require authn/encryption to Java client
Change-Id: Ic951b2090a4933eca70dc53b6f93cdcff5a74929
Reviewed-on: http://gerrit.cloudera.org:8080/17732
Tested-by: Kudu Jenkins
Reviewed-by: Alexey Serbin <[email protected]>
> Add ability for clients to require authentication/encryption
> ------------------------------------------------------------
>
> Key: KUDU-1921
> URL: https://issues.apache.org/jira/browse/KUDU-1921
> Project: Kudu
> Issue Type: Improvement
> Components: client, security
> Affects Versions: 1.3.0
> Reporter: Todd Lipcon
> Assignee: Attila Bukor
> Priority: Critical
> Labels: roadmap-candidate
>
> Currently, the clients always operate in "optional" mode for authentication
> and encryption. This means that they are vulnerable to downgrade attacks by a
> MITM. We should provide APIs so that clients can be configured to prohibit
> downgrade when connecting to clusters they know to be secure.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
