Major Description
While playing with SSL configured RPC, I often found myself in the situation where I would deploy a secure Accumulo without setting up .accumulo/config, or have my client set up to connect with SSL, and the server was running unencrypted RPC.
The former isn't too bad, but you get this very unintuitive error about "Server: XXX.XXX.XXX.XXX had twenty failures in the past..." after a few seconds. It's not straightforward in saying "the server requires SSL, but you didn't provide SSL credentials".
The bad side is when the client is providing SSL and the server is not expecting it. Because of the very quick retry on a failed connection by the client, getting a Connector can act as a denial of service attack against the tserver, quickly causing it to OOME.
Backing off on the client-side retries would be desirable, in addition to adding some more "smarts" so that the client can know the difference between a handshake failure and a general server error.