You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by "Nikolay Izhikov (Jira)" <ji...@apache.org> on 2020/01/21 12:41:00 UTC
[jira] [Created] (KAFKA-9460) Enable TLSv1.2 by default and disable
all others protocol versions
Nikolay Izhikov created KAFKA-9460:
--------------------------------------
Summary: Enable TLSv1.2 by default and disable all others protocol versions
Key: KAFKA-9460
URL: https://issues.apache.org/jira/browse/KAFKA-9460
Project: Kafka
Issue Type: Improvement
Reporter: Nikolay Izhikov
Assignee: Nikolay Izhikov
In KAFKA-7251 support of TLS1.3 was introduced.
For now, only TLS1.2 and TLS1.3 are recommended for the usage, other versions of TLS considered as obsolete:
https://www.rfc-editor.org/info/rfc8446
https://en.wikipedia.org/wiki/Transport_Layer_Security#History_and_development
But testing of TLS1.3 incomplete, for now.
We should enable actual versions of the TLS protocol by default to provide to the users only secure implementations.
Users can enable obsolete versions of the TLS with the configuration if they want to.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)