Details
-
Task
-
Status: Open
-
Blocker
-
Resolution: Unresolved
-
None
-
None
-
None
Description
After https://reviews.apache.org/r/70795 has landed, we will continue using the legacy hostname validation scheme by default, exposing users to increased MitM risk and to hangs caused by reverse DNS lookups.
With the next major release, we should change the default to the 'openssl' scheme and remove the legacy behaviour.
Attachments
Issue Links
- is blocked by
-
MESOS-9859 Deprecate 'libprocess' hostname validation scheme
- Open