nutch-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Markus Jelsma (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (NUTCH-1676) Add rudimentary SSL support to protocol-http
Date Wed, 18 Dec 2013 11:48:08 GMT

     [ https://issues.apache.org/jira/browse/NUTCH-1676?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Markus Jelsma updated NUTCH-1676:
---------------------------------

    Attachment: NUTCH-1676.patch

I think that is fine, i haven't seen any server not supporting any TLS. The worst is SSLv2
and TLSv1 so there's always TLS. But in general we don't care about security because a lot
crawls are public. If we default to TLS but make it configurable, then users can also do secure
crawls. If users want to do secure crawls, they probably want to configure cipher suites as
well.

Here's a patch making protocols and cipher suites configurable via lib-http. The default cipher
suite list is decent enough, it has non export and anon suites. One could argue we'd remove
the RC4 suites as well. Best are on top anyway.

> Add rudimentary SSL support to protocol-http
> --------------------------------------------
>
>                 Key: NUTCH-1676
>                 URL: https://issues.apache.org/jira/browse/NUTCH-1676
>             Project: Nutch
>          Issue Type: Improvement
>          Components: protocol
>    Affects Versions: 1.7
>            Reporter: Julien Nioche
>             Fix For: 1.8
>
>         Attachments: NUTCH-1676.patch, NUTCH-1676.patch
>
>
> Adding https support to our http protocol would be a good thing even if it does not handle
the security. This would save us from having to use the http-client plugin which is buggy
in its current form. 
> Patch generated from https://github.com/Aloisius/nutch/commit/d3e15a1db0eb323ccdcf5ad69a3d3a01ec65762c#commitcomment-4720772
> Needs testing...



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)

Mime
View raw message