Andrew Wong has posted comments on this change. ( http://gerrit.cloudera.org:8080/17268 )
Change subject: [security] set minimum TLS protocol version to TSLv1.2 ...................................................................... Patch Set 3: (1 comment) http://gerrit.cloudera.org:8080/#/c/17268/3//COMMIT_MSG Commit Message: http://gerrit.cloudera.org:8080/#/c/17268/3//COMMIT_MSG@31 PS3, Line 31: * AES128-SHA (TLS_RSA_WITH_AES_128_CBC_SHA) : * AES256-SHA (TLS_RSA_WITH_AES_256_CBC_SHA) > The list of available TLS protocols for negotiation from the either side (c I see, thank you for the explanation! In general then, other than the mismatch between client and server versions, is there a downside to always keeping the client with the lowest minimum TLS version, if anything for the sake of compatibility? Does that detract from client performance when negotiating higher versions? Or is that meant to be used as a forcing function to upgrade server-side bits? -- To view, visit http://gerrit.cloudera.org:8080/17268 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: I07633a04d3828100f148e5de3905094198d13396 Gerrit-Change-Number: 17268 Gerrit-PatchSet: 3 Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Andrew Wong <[email protected]> Gerrit-Reviewer: Attila Bukor <[email protected]> Gerrit-Reviewer: Grant Henke <[email protected]> Gerrit-Reviewer: Greg Solovyev <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Comment-Date: Fri, 23 Apr 2021 06:30:05 +0000 Gerrit-HasComments: Yes
