zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GitBox <...@apache.org>
Subject [GitHub] [zookeeper] anmolnar commented on issue #961: ZOOKEEPER-3404. Downgrade BouncyCastle to 1.60
Date Tue, 28 May 2019 05:28:12 GMT
anmolnar commented on issue #961: ZOOKEEPER-3404. Downgrade BouncyCastle to 1.60
URL: https://github.com/apache/zookeeper/pull/961#issuecomment-496370179
 
 
   > btw if we have these problems now someday we will see them again when we will need
to upgrade.
   Aren't we using BC only for generating certs and keys ? it is not used by the runtime.
   
   @eolivelli This is valid. BC is for testing only currently and we'll face this problem
again once we need to upgrade to address a CVE for example. However that could be a more recent
version of BC where they identify and fix the performance regression.
   
   Other option could be to improve `QuorumSSL` tests: it's already running for 5-6 minutes
which is kinda odd for unit tests. I'll do some research on that side to find where the bottleneck
is.
   
   Wrt to Security Providers I think you're right, though I'm not an expert of Java Security,
so not sure how to address the problem properly. I suggest to keep this patch for the performance
problem only for now. 
   
   Please see my comments / evidence in Jira too.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

Mime
View raw message