accumulo-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Berman (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ACCUMULO-1009) Support encryption over the wire
Date Thu, 19 Sep 2013 01:24:51 GMT

    [ https://issues.apache.org/jira/browse/ACCUMULO-1009?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13771493#comment-13771493
] 

Michael Berman commented on ACCUMULO-1009:
------------------------------------------

Anyone else want to weigh in?  It seems pretty clear that neither of us is going to convince
the other.  Just looked over the jetty and tomcat SSL howtos, btw, and both have special settings
in their conf to set where to find keystores and truststores.  JSSE is a nice dream, but I
don't believe it's so universally supported that anything can be asserted about "any other
Java application."  It is true that neither provides a tool to help provision certs, but also
neither of them are typically deployed in massive clusters where it makes sense for them to
have their own dedicated root.  Wanting to limit scope is a fair point, but I think dramatically
easing setup of what I imagine to be the most common deployment pattern is worth it.  We could
ask people to create their own accumulo tree in HDFS (and plenty of other hadoop-based tools'
first step is "run this hadoop command..."), but instead we have init do it because complicated
install procedures are a huge barrier to adoption.
                
> Support encryption over the wire
> --------------------------------
>
>                 Key: ACCUMULO-1009
>                 URL: https://issues.apache.org/jira/browse/ACCUMULO-1009
>             Project: Accumulo
>          Issue Type: New Feature
>            Reporter: Keith Turner
>            Assignee: Michael Berman
>             Fix For: 1.6.0
>
>         Attachments: ACCUMULO-1009_thriftSsl.patch
>
>
> Need to support encryption between ACCUMULO clients and servers.  Also need to encrypt
communications between server and servers.   
> Basically need to make it possible for users to enable SSL+thrift.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message