Hi all, I would like to discuss using the bouncycastle fips instead of the bouncycastle non-fips.
The bouncycastle is a Java library that complements the default Java Cryptographic Extension (JCE), which has two versions: fips version and non-fips version. The fips version is safer than non-fips. When the security level is very high, many policies require the fips version, but the Pulsar default uses the non-fips version. Switch this is complex, because the `pulsar-client-messagecrypto-bc` module and root project depends on the non-fips, so I suggest we switch to fips version from non-fips. Reference: - https://www.bouncycastle.org/ - https://www.bouncycastle.org/fips_faq.html - https://en.wikipedia.org/wiki/Federal_Information_Processing_Standards Thanks, Zixuan
