cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jonathan Ellis (JIRA)" <j...@apache.org>
Subject [jira] Commented: (CASSANDRA-1567) Provide configurable encryption support for internode communication
Date Tue, 11 Jan 2011 15:08:52 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-1567?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12980134#action_12980134
] 

Jonathan Ellis commented on CASSANDRA-1567:
-------------------------------------------

bq. make the default cipher suite we use to AES_128/256 with SHA

This looks like all that needs to be done to close out this ticket.  That and probably a fairly
hairy rebase. :)

> Provide configurable encryption support for internode communication
> -------------------------------------------------------------------
>
>                 Key: CASSANDRA-1567
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-1567
>             Project: Cassandra
>          Issue Type: New Feature
>          Components: Core
>            Reporter: Nirmal Ranganathan
>            Assignee: Nirmal Ranganathan
>             Fix For: 0.7.1
>
>         Attachments: 0002-Configurable-internode-encryption-option.patch, 0003-Default-Key-and-Certificate-for-internode-SSL.patch
>
>
> Provide the option to encrypt internode communication. The initial thought is to use
JSSE (http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html)
to wrap the existing ServerSocket & Sockets. This will only be an optional configuration
and not enabled by default. The defaults would be TLS V1, RSA 1024-bit keys for handshake
and SSL_RSA_WITH_RC4_128_MD5 as the cipher suite. Although this can be made configurable if
the need arises. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message