[jira] [Created] (KAFKA-9460) Enable TLSv1.2 by default and disable all others protocol versions

Nikolay Izhikov (Jira) Tue, 21 Jan 2020 04:41:05 -0800

Nikolay Izhikov created KAFKA-9460:
--------------------------------------

             Summary: Enable TLSv1.2 by default and disable all others protocol 
versions
                 Key: KAFKA-9460
                 URL: https://issues.apache.org/jira/browse/KAFKA-9460
             Project: Kafka
          Issue Type: Improvement
            Reporter: Nikolay Izhikov
            Assignee: Nikolay Izhikov



In KAFKA-7251 support of TLS1.3 was introduced.

For now, only TLS1.2 and TLS1.3 are recommended for the usage, other versions 
of TLS considered as obsolete:

https://www.rfc-editor.org/info/rfc8446
https://en.wikipedia.org/wiki/Transport_Layer_Security#History_and_development
But testing of TLS1.3 incomplete, for now.

We should enable actual versions of the TLS protocol by default to provide to 
the users only secure implementations.

Users can enable obsolete versions of the TLS with the configuration if they 
want to. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (KAFKA-9460) Enable TLSv1.2 by default and disable all others protocol versions

Reply via email to