Hi Andy, Thanks for your feedback. I filed a JIRA [1] and will work on a PR.
[1] https://issues.apache.org/jira/browse/NIFI-6571 Le mer. 14 août 2019 à 19:08, Andy LoPresto <[email protected]> a écrit : > Hi Pierre, > > I think you are 100% correct that this would be aa significant > improvement. I am in the midst of refactoring the TLS Toolkit completely > [1], so this is something I will keep in mind for that overhaul. In the > meantime, if you would like to file a Jira and submit a PR for the current > instance, that would be helpful to people. Please link the Jira to this > epic [2] where I am tracking a lot of interrelated TLS improvements. > > [1] https://issues.apache.org/jira/browse/NIFI-5462 < > https://issues.apache.org/jira/browse/NIFI-5462> > [2] https://issues.apache.org/jira/browse/NIFI-5458 < > https://issues.apache.org/jira/browse/NIFI-5458> > > Andy LoPresto > [email protected] > [email protected] > PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > > > On Aug 14, 2019, at 2:46 AM, Pierre Villard <[email protected]> > wrote: > > > > Hey guys, > > > > It is possible to start the TLS toolkit in server mode with a token > length > > below the required 16 bits. But when the client is performing the > request, > > it'll be denied with the message "Token does not meet minimum size of 16 > > bytes". Would it make sense to just prevent the TLS toolkit to start in > > server mode when the token is below 16 bytes? > > > > Happy to file a JIRA and submit a PR, just wanted to check I'm not > missing > > an edge case. > > > > Thanks, > > Pierre > >
