Chang Liu

There've been the [release drafter](https://github.com/opensearch-project/security/blob/main/.github/workflows/release-drafter.yml) to generate [draft release notes](https://github.com/opensearch-project/security/releases/tag/untagged-7f7ae5bb3441abd9f61f) capturing all merged PRs. The release notes are generated by CI pipeline on each PR merge and avaialble for publishing...

The old naming convention was kept to retain backward compatibility and allow ODFE users to migrate to OpenSearch. The change would be a breaking change, which might be suitable for...

@deepak-rsystems Does the user have permission to any custom tenant?

The PR in security plugin is needed to resolve this issue: https://github.com/opensearch-project/security/pull/1936.

The endpoints need to be updated in both security plugin and security dashboards plugin in 3.0.0 as a breaking change as it would break existing SAML setup. labeling for 3.0.0.

@frotsch Certificate hot reloading itself doesn't break the existing connection between nodes. Given the channel between nodes has been established, the new certificate won't be used until next time establishing...

Security plugin validates certificate to make sure all connections are established with valid certificates, but it doesn't disconnect a connection estabilished with a certificate that is still valid(not expired) no...

Hi @frotsch, sorry for the confusion! The TLS cert hot-reloading feature was designed based on the way TLS works. Certificate is only used at the moment of establishing connection. So...

@frotsch Thanks for bringing up this great idea to enhance the certs hot reloading feature! We understand that you've been working on the changes and ready to create a PR....

@jimishs To be more clear - Invalid requests is pretty common. For example, a request in wrong syntax(could even be caused by a typo or anything) is an invalid request....