[
https://issues.apache.org/jira/browse/KAFKA-2456?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14706332#comment-14706332
]
Ismael Juma commented on KAFKA-2456:
------------------------------------
Thanks for filing this Harsha, this is one of the follow-ups that I wanted to
discuss. Another related one is the enabled cipher suites as there are a number
of deprecated ones too, the release notes for JDK 8 update 60 mention some:
https://www.java.com/en/download/faq/release_changes.xml
It seems that newer JDKs automatically disable deprecated protocols and
ciphers, so it may be reasonable to just rely on that. If we decide to do that,
we could simply update the documentation to say something about deprecations
and point to some JDK documentation.
What are your thoughts?
> Disable SSLv3 for ssl.enabledprotocols config on client & broker side
> ---------------------------------------------------------------------
>
> Key: KAFKA-2456
> URL: https://issues.apache.org/jira/browse/KAFKA-2456
> Project: Kafka
> Issue Type: Bug
> Reporter: Sriharsha Chintalapani
> Assignee: Sriharsha Chintalapani
> Fix For: 0.8.3
>
>
> This is a follow-up on KAFKA-1690 . Currently users have option to pass in
> SSLv3 we should not be allowing this as its deprecated.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
