[Gluster-devel] GlusterD 2.0 status updates

[Kaleb KEITHLEY]

On 09/07/2015 12:47 PM, Kaushal M wrote:
> On Mon, Sep 7, 2015 at 8:29 PM, Jeff Darcy <jdarcy at redhat.com> wrote:
>>> - Support for SSL transports - thought we wouldn't be using this
>>> initially, we would require it later on.
>>
>> Control-plane security is important enough that I think it has to
>> be a Day One requirement.
> 
> I did mean this, but I could have expressed it better. What I meant to
> say was that though we would not be using SSL for the first planned
> milestone, the RPC framework we choose would need to support SSL as we
> will be using it later on.

I have to ask——

Every day we hear about vulnerabilities and exploits. Have we not yet
reached the point were we just start with security enabled as a matter
of routine?

Why aren't we using TLS (the real name, FWIW) from day one?

Please?

--

Kaleb