[GitHub] ctubbsii commented on issue #417: Make TLSv1.2 the default

2018-04-09 Thread GitBox 
ctubbsii commented on issue #417: Make TLSv1.2 the default
URL: https://github.com/apache/accumulo/pull/417#issuecomment-379886655
 
 
   @PircDef Maybe... that would be a bigger change, and more testing to ensure 
correctness. This is a simple configuration defaults change vs. changing 
currently functioning code.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

[GitHub] ctubbsii commented on issue #417: Make TLSv1.2 the default for ssl-enabled clients

2018-04-06 Thread GitBox 
ctubbsii commented on issue #417: Make TLSv1.2 the default for ssl-enabled 
clients
URL: https://github.com/apache/accumulo/pull/417#issuecomment-379399535
 
 
   I added a second commit which instructs the server-side to use TLS 1.2 by 
default, also. As I understand it, there's a few well-known downgrade attacks 
for 1.1 and 1.0, that we should avoid. Since we maintain the code for both 
client and server, there's no reason we shouldn't use 1.2 by default. It is 
still configurable, if users need something else.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services