Nikolay Izhikov created KAFKA-9460: -------------------------------------- Summary: Enable TLSv1.2 by default and disable all others protocol versions Key: KAFKA-9460 URL: https://issues.apache.org/jira/browse/KAFKA-9460 Project: Kafka Issue Type: Improvement Reporter: Nikolay Izhikov Assignee: Nikolay Izhikov
In KAFKA-7251 support of TLS1.3 was introduced. For now, only TLS1.2 and TLS1.3 are recommended for the usage, other versions of TLS considered as obsolete: https://www.rfc-editor.org/info/rfc8446 https://en.wikipedia.org/wiki/Transport_Layer_Security#History_and_development But testing of TLS1.3 incomplete, for now. We should enable actual versions of the TLS protocol by default to provide to the users only secure implementations. Users can enable obsolete versions of the TLS with the configuration if they want to. -- This message was sent by Atlassian Jira (v8.3.4#803005)