kafka-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rajini Sivaram (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (KAFKA-3665) Default ssl.endpoint.identification.algorithm should be https
Date Fri, 06 May 2016 11:08:13 GMT

    [ https://issues.apache.org/jira/browse/KAFKA-3665?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15273917#comment-15273917
] 

Rajini Sivaram commented on KAFKA-3665:
---------------------------------------

[~ijuma] I agree that secure installations of Kafka would always turn on hostname verification.
But this change could potentially catch people out. Perhaps it doesn't matter because this
is a major release? The documentation should say how to disable it - set ssl.endpoint.identification.algorithm
to empty string?

> Default ssl.endpoint.identification.algorithm should be https
> -------------------------------------------------------------
>
>                 Key: KAFKA-3665
>                 URL: https://issues.apache.org/jira/browse/KAFKA-3665
>             Project: Kafka
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 0.9.0.1
>            Reporter: Ismael Juma
>            Assignee: Ismael Juma
>             Fix For: 0.10.0.0
>
>
> The default `ssl.endpoint.identification.algorithm` is `null` which is not a secure default
(man in the middle attacks are possible).
> We should probably use `https` instead. A more conservative alternative would be to update
the documentation instead of changing the default.
> A paper on the topic (thanks to Ryan Pridgeon for the reference): http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message