Am Sun, 2 Nov 2014 19:27:33 +0000 (UTC) schrieb "Karthik Kambatla (JIRA)" <j...@apache.org>:
> Hadoop uses an older version of Jetty that allows SSLv3. We should > fix it up. What about TLSv1.0 - in a contained eco system it might be good to aim for "modern compatibility": https://wiki.mozilla.org/Security/Server_Side_TLS It was only a near miss, that BEAST did not compromise TLSv1.0 Greetings Bernd
