Hi Maulin, Thanks for putting this together! Took a quick glance, and I can't think of a compelling reason on why SSLContext should be final and your point about organization/compliance issues requiring different implementations is a good one.
Per #3 on your proposed changes, I'm keen to only support a single default impl in-tree. I don't think we should be in the business of picking implementation to support. It looks like this is your intention as well? Thanks again, -Nate On Wed, May 19, 2021 at 12:05 PM Maulin Vasavada <maulin.vasav...@gmail.com> wrote: > Hi all > > Starting a discussion thread for the CIP-9 - > > https://cwiki.apache.org/confluence/display/CASSANDRA/CEP-9%3A+Make+SSLContext+creation+pluggable > > > However, while writing the CIP two areas that came up in my mind where I > need to seek guidance apart from the other discussion that we would have > here, > > 1. Whether to consider SSLFactory#tlsInstanceProtocolSubstitution() > < > https://github.com/apache/cassandra/blob/cassandra-4.0/src/java/org/apache/cassandra/security/SSLFactory.java#L169 > > > for pluggability (noted this on the CIP as well) > > 2. For Test Plan, apart from Integration Test and local system test what > would be recommended? > > Thanks > Maulin >
