Stephan Ewen created FLINK-9310: ----------------------------------- Summary: Update default cyphersuites Key: FLINK-9310 URL: https://issues.apache.org/jira/browse/FLINK-9310 Project: Flink Issue Type: Task Components: Security Affects Versions: 1.4.2 Reporter: Stephan Ewen Assignee: Stephan Ewen
The current default cipher suite {{TLS_RSA_WITH_AES_128_CBC_SHA}} is no longer recommended. RFC 7525 [1] recommends to use the following cipher suites only: * TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 * TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 * TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 * TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 [1] https://tools.ietf.org/html/rfc7525 -- This message was sent by Atlassian JIRA (v7.6.3#76005)