[
https://issues.apache.org/jira/browse/KUDU-1921?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17401300#comment-17401300
]
ASF subversion and git services commented on KUDU-1921:
-------------------------------------------------------
Commit 679c90c81492d1ba46964a5258679fd4ed028d6c in kudu's branch
refs/heads/master from Attila Bukor
[ https://gitbox.apache.org/repos/asf?p=kudu.git;h=679c90c ]
[python] KUDU-1921 Add ability to require auth/encryption
Change-Id: I10173145611ad2991c0a1b173ecadc7141ae6f5e
Reviewed-on: http://gerrit.cloudera.org:8080/17733
Tested-by: Kudu Jenkins
Reviewed-by: Alexey Serbin <aser...@cloudera.com>
> Add ability for clients to require authentication/encryption
> ------------------------------------------------------------
>
> Key: KUDU-1921
> URL: https://issues.apache.org/jira/browse/KUDU-1921
> Project: Kudu
> Issue Type: Improvement
> Components: client, security
> Affects Versions: 1.3.0
> Reporter: Todd Lipcon
> Assignee: Attila Bukor
> Priority: Critical
> Labels: roadmap-candidate
>
> Currently, the clients always operate in "optional" mode for authentication
> and encryption. This means that they are vulnerable to downgrade attacks by a
> MITM. We should provide APIs so that clients can be configured to prohibit
> downgrade when connecting to clusters they know to be secure.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
