You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@nifi.apache.org by "Aldrin Piri (JIRA)" <ji...@apache.org> on 2016/07/08 17:14:11 UTC

[jira] [Created] (MINIFI-56) Evaluate the usage of strong encryption and bouncycastle being enabled

Aldrin Piri created MINIFI-56:
---------------------------------

             Summary: Evaluate the usage of strong encryption and bouncycastle being enabled
                 Key: MINIFI-56
                 URL: https://issues.apache.org/jira/browse/MINIFI-56
             Project: Apache NiFi MiNiFi
          Issue Type: Bug
          Components: Core Framework
            Reporter: Andy LoPresto


{quote}
* Could we please change the default algorithm for protecting sensitive property values to something stronger than the current selection? I would open a Jira if necessary, but this is one of those things that is really better to do before the first release so users have a backward-compatible config.yml file moving forward. If we change it in a subsequent release, we will need to do significant migration hand-holding. My suggestion would be "PBEWITHSHA256AND256BITAES-CBC-BC” which is significantly stronger, but after trying a few BC options, I continue to get EncryptionExceptions even though I have the JCE unlimited cryptographic strength jurisdiction policy files installed, so this may be a 0.0.2 fix. Is BouncyCastle not enabled by default?
{quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)