You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@drill.apache.org by "Rob Wu (JIRA)" <ji...@apache.org> on 2018/07/13 23:24:00 UTC
[jira] [Updated] (DRILL-6610) Add support for Minimum TLS support
[ https://issues.apache.org/jira/browse/DRILL-6610?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Rob Wu updated DRILL-6610:
--------------------------
Description:
Add support for minimum TLS support.
Currently, the TLSProtocol parameter only supports a specific version of TLS to be used.
Investigation:
Setting the default SSL context method to be sslv23 with default sslv2 and sslv3 turned off would allow us to restrict the protocol to be TLS only.
Additional flags can be applied to further restrict the minimum TLS version:
For example:
Minimum TLS 1.0 - Sets NO_SSLv2 and NO_SSLv3
Minimum TLS 1.1 - Sets NO_SSLv2 and NO SSLv3 and NO_TLSv1
Minimum TLS 1.2 - Sets NO_SSLv2 and NO SSLv3 and NO_TLSv1 and NO_TLSv1_1
was:
Add support for minimum TLS support.
Currently, the TLSProtocol parameter only supports a specific version of TLS to be used.
> Add support for Minimum TLS support
> -----------------------------------
>
> Key: DRILL-6610
> URL: https://issues.apache.org/jira/browse/DRILL-6610
> Project: Apache Drill
> Issue Type: Improvement
> Components: Client - C++
> Affects Versions: 1.12.0
> Reporter: Rob Wu
> Priority: Major
>
> Add support for minimum TLS support.
> Currently, the TLSProtocol parameter only supports a specific version of TLS to be used.
>
> Investigation:
> Setting the default SSL context method to be sslv23 with default sslv2 and sslv3 turned off would allow us to restrict the protocol to be TLS only.
> Additional flags can be applied to further restrict the minimum TLS version:
> For example:
> Minimum TLS 1.0 - Sets NO_SSLv2 and NO_SSLv3
> Minimum TLS 1.1 - Sets NO_SSLv2 and NO SSLv3 and NO_TLSv1
> Minimum TLS 1.2 - Sets NO_SSLv2 and NO SSLv3 and NO_TLSv1 and NO_TLSv1_1
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)