Return-Path: 
 <notifications-return-25434-apmail-accumulo-notifications-archive=accumulo.apache.org@accumulo.apache.org>
X-Original-To: apmail-accumulo-notifications-archive@minotaur.apache.org
Delivered-To: apmail-accumulo-notifications-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id D306D1775C
	for <apmail-accumulo-notifications-archive@minotaur.apache.org>;
 Fri,  7 Nov 2014 21:39:34 +0000 (UTC)
Received: (qmail 41247 invoked by uid 500); 7 Nov 2014 21:39:34 -0000
Delivered-To: apmail-accumulo-notifications-archive@accumulo.apache.org
Received: (qmail 41215 invoked by uid 500); 7 Nov 2014 21:39:34 -0000
Mailing-List: contact notifications-help@accumulo.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:notifications-help@accumulo.apache.org>
List-Unsubscribe: <mailto:notifications-unsubscribe@accumulo.apache.org>
List-Post: <mailto:notifications@accumulo.apache.org>
List-Id: <notifications.accumulo.apache.org>
Reply-To: jira@apache.org
Delivered-To: mailing list notifications@accumulo.apache.org
Received: (qmail 41203 invoked by uid 99); 7 Nov 2014 21:39:34 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 07 Nov 2014 21:39:34 +0000
Date: Fri, 7 Nov 2014 21:39:34 +0000 (UTC)
From: "Josh Elser (JIRA)" <jira@apache.org>
To: notifications@accumulo.apache.org
Message-ID: <JIRA.12753759.1415384548000.449106.1415396374626@Atlassian.JIRA>
In-Reply-To: <JIRA.12753759.1415384548000@Atlassian.JIRA>
References: <JIRA.12753759.1415384548000@Atlassian.JIRA>
 <JIRA.12753759.1415384548668@arcas>
Subject: [jira] [Commented] (ACCUMULO-3318) Alter Thrift RPC components to
 disallow SSLv3
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/ACCUMULO-3318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14202740#comment-14202740 ] 

Josh Elser commented on ACCUMULO-3318:
--------------------------------------

Wire encryption was added in 1.6.0 -- not relevant to 1.5 releases.

> Alter Thrift RPC components to disallow SSLv3
> ---------------------------------------------
>
>                 Key: ACCUMULO-3318
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-3318
>             Project: Accumulo
>          Issue Type: Sub-task
>          Components: proxy, rpc
>    Affects Versions: 1.6.0
>            Reporter: Sean Busbey
>            Assignee: Josh Elser
>            Priority: Blocker
>             Fix For: 1.6.2, 1.7.0
>
>
> All components that rely on Thrift's secure transport need be updated to disallow SSLv3.
> {quote}
> Thrift:
> http://stackoverflow.com/questions/26387099/securing-a-thrift-server-aginst-the-poodle-ssl-vulnerability
> {quote}
> {quote}
> The easy way to check this is simply to stand up a tserver and try
> connecting over SSLv3:
> openssl s_client -connect localhost:12345 -ssl3
> {quote}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)