[jira] [Resolved] (KUDU-1921) Add ability for clients to require authentication/encryption

Attila Bukor (Jira) Mon, 08 Nov 2021 10:15:42 -0800


     [ 
https://issues.apache.org/jira/browse/KUDU-1921?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Attila Bukor resolved KUDU-1921.
--------------------------------
    Fix Version/s: 1.16.0
       Resolution: Fixed

> Add ability for clients to require authentication/encryption
> ------------------------------------------------------------
>
>                 Key: KUDU-1921
>                 URL: https://issues.apache.org/jira/browse/KUDU-1921
>             Project: Kudu
>          Issue Type: Improvement
>          Components: client, security
>    Affects Versions: 1.3.0
>            Reporter: Todd Lipcon
>            Assignee: Attila Bukor
>            Priority: Critical
>              Labels: roadmap-candidate
>             Fix For: 1.16.0
>
>
> Currently, the clients always operate in "optional" mode for authentication 
> and encryption. This means that they are vulnerable to downgrade attacks by a 
> MITM. We should provide APIs so that clients can be configured to prohibit 
> downgrade when connecting to clusters they know to be secure.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (KUDU-1921) Add ability for clients to require authentication/encryption

Reply via email to