Thanks for the KIP, Jonathan. It would be helpful to have more detail on how SSL authentication could be broken if the new behaviour is the default. I know this was discussed in the mailing list thread, but it's important to include it in the KIP since it's the main reason why a new config is needed (and configs should be avoided whenever we can just do the right thing).
Ismael On Fri, Mar 23, 2018 at 12:05 PM Skrzypek, Jonathan < jonathan.skrzy...@gs.com> wrote: > Hi, > > I would like to start a vote for KIP-235 > > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-235%3A+Add+DNS+alias+support+for+secured+connection > > This is a proposition to add an option for reverse dns lookup of > bootstrap.servers hosts, allowing the use of dns aliases on clusters using > SASL authentication. > > > >
