From c3d14977f221027f4f16315720e4ebdabcc89856 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 11 Sep 2020 09:56:35 -0400 Subject: [PATCH] Update attributes documentation --- confluent_server/confluent/config/attributes.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/confluent_server/confluent/config/attributes.py b/confluent_server/confluent/config/attributes.py index ed86e49d..5f10e1be 100644 --- a/confluent_server/confluent/config/attributes.py +++ b/confluent_server/confluent/config/attributes.py @@ -209,14 +209,14 @@ node = { }, 'deployment.useinsecureprotocols': { 'description': ('What phase(s) of boot are permitted to use insecure protocols ' - '(TFTP and HTTP without TLS. By default, HTTPS is allowed. However ' + '(TFTP and HTTP without TLS. By default, only HTTPS is used. However ' 'this is not compatible with most firmware in most scenarios. Using ' '"firmware" as the setting will still use HTTPS after the initial download, ' - 'though be aware that a successful compromise during the firmware phase ' + 'though be aware that a successful attack during the firmware phase ' 'will negate future TLS protections. The value "always" will result in ' - 'tftp/http being used for entire deployment. Note that ONIE does not ' - 'support secure protocols, and in that case this setting must be "always" ' - 'or "firmware"'), + 'tftp/http being used for most of the deployment. The value "never" will ' + 'allow HTTPS only. Note that Ubuntu will still use HTTP without TLS for ' + 'a phase of the installation process.'), 'validlist': ('always', 'firmware', 'never'), }, 'discovery.passwordrules': {