Hi Jakub, I think the KIP looks good overall, and I have one question for now. Would it make sense to split the config you want to introduce (ssl.allow.dn.and.san.changes) into two configs? Would users want to enable one but not the other?
Thanks, Viktor On Wed, Sep 13, 2023 at 10:00 PM Jakub Scholz <ja...@scholz.cz> wrote: > Hi all, > > I would like to start the discussion about the KIP-978: Allow dynamic > reloading of certificates with different DN / SANs > < > https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=263429128 > >. > It proposes adding an option to disable the current validation of the DN > and SANs when dynamically changing the keystore. Please have a look and let > me know your thoughts ... > > Thanks & Regards > Jakub >
