You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jira@kafka.apache.org by "Nikolay Izhikov (Jira)" <ji...@apache.org> on 2020/02/19 09:27:00 UTC

[jira] [Commented] (KAFKA-9320) Enable TLSv1.3 by default and disable some of the older protocols

    [ https://issues.apache.org/jira/browse/KAFKA-9320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17039831#comment-17039831 ] 

Nikolay Izhikov commented on KAFKA-9320:
----------------------------------------

[~rsivaram] 

As you know, I checked system tests with the TLSv1.3 in the KAFKA-9319
It seems we are ready to enable TLSv1.3 by default.

What do you think?
Should I write the KIP and start the discussion?

> Enable TLSv1.3 by default and disable some of the older protocols
> -----------------------------------------------------------------
>
>                 Key: KAFKA-9320
>                 URL: https://issues.apache.org/jira/browse/KAFKA-9320
>             Project: Kafka
>          Issue Type: New Feature
>          Components: security
>            Reporter: Rajini Sivaram
>            Assignee: Nikolay Izhikov
>            Priority: Major
>              Labels: needs-kip
>
> KAFKA-7251 added support for TLSv1.3. We should include this in the list of protocols that are enabled by default. We should also disable some of the older protocols that are not secure. This change requires a KIP.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)