Return-Path: X-Original-To: apmail-accumulo-notifications-archive@minotaur.apache.org Delivered-To: apmail-accumulo-notifications-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id A5D71E264 for ; Thu, 31 Jan 2013 18:55:14 +0000 (UTC) Received: (qmail 77361 invoked by uid 500); 31 Jan 2013 18:55:14 -0000 Delivered-To: apmail-accumulo-notifications-archive@accumulo.apache.org Received: (qmail 77317 invoked by uid 500); 31 Jan 2013 18:55:14 -0000 Mailing-List: contact notifications-help@accumulo.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jira@apache.org Delivered-To: mailing list notifications@accumulo.apache.org Received: (qmail 77200 invoked by uid 99); 31 Jan 2013 18:55:14 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 31 Jan 2013 18:55:14 +0000 Date: Thu, 31 Jan 2013 18:55:14 +0000 (UTC) From: "Christopher Tubbs (JIRA)" To: notifications@accumulo.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (ACCUMULO-958) Support pluggable encryption in walogs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/ACCUMULO-958?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13567939#comment-13567939 ] Christopher Tubbs commented on ACCUMULO-958: -------------------------------------------- If this is going to make it in to the existing code, however polished it will be by the next release, I'd like to see it clearly marked as experimental, until it is available as a complete and coherent framework for encrypting table contents. So, I suggest moving the relevant classes into an "experimental" sub-package, and minimizing references to them in other code. I looked for a built-in "@Experimental" annotation, but couldn't find one, so we could create one for this sort of thing (but I still prefer the sub-package until it is no longer experimental). I do *not* think that they should be marked as "@Deprecated" because that implies a completely different point in the life cycle of the code (in fact, it implies the opposite end of that life cycle). That said, what exactly are the next actions, and the timeline for polishing this feature? From the previous comment, I gather "tests", and "tidiness" (which I interpret to mean QA refactorings, but not functional changes that incorporate critical feedback). Are there more anticipated actions that I've overlooked? > Support pluggable encryption in walogs > -------------------------------------- > > Key: ACCUMULO-958 > URL: https://issues.apache.org/jira/browse/ACCUMULO-958 > Project: Accumulo > Issue Type: Improvement > Components: logger > Reporter: John Vines > Assignee: Michael Allen > Fix For: 1.5.0 > > Attachments: ACCUMULO-958-actual-changes.patch, accumulo-958.diff > > > There are some cases where users want encryption at rest for the walogs. It should be fairly trivial to implement it in such a way to insert a CipherOutputStream into the data path (defaulting to using a NullCipher) and then making the Cipher pluggable to users can insert the appropriate mechanisms for their use case. > This also means swapping in CipherInputStream and putting in a check to make sure the Cipher type's match at read and write time. Possibly a versioning mechanism so people can migrate Ciphers. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira