cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason Brown (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-9633) Add ability to encrypt sstables
Date Tue, 09 Feb 2016 23:36:18 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15140008#comment-15140008
] 

Jason Brown commented on CASSANDRA-9633:
----------------------------------------

bq. I think adding an table parameter would make the most sense

I had thought about that, as well, so now with a second 'vote', I'll dig into implementing
it with a table parameter.

bq. doesn't seem to address the encryption of index and summary files

I was hoping to make those separate tickets, tbh - and working on those things, I felt, depended
on having a reasonable plan forward on the sstables (this ticket). Are you good with separate
tickets for that work, or does it make sense to lump it here?

bq. adding a {{compressesIndexFiles}} to ICompressor

Not sure I understand the suggestion here. Can you clarify a bit?

> Add ability to encrypt sstables
> -------------------------------
>
>                 Key: CASSANDRA-9633
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-9633
>             Project: Cassandra
>          Issue Type: New Feature
>            Reporter: Jason Brown
>            Assignee: Jason Brown
>              Labels: encryption, security, sstable
>             Fix For: 3.x
>
>
> Add option to allow encrypting of sstables.
> I have a version of this functionality built on cassandra 2.0 that piggy-backs on the
existing sstable compression functionality and ICompressor interface (similar in nature to
what DataStax Enterprise does). However, if we're adding the feature to the main OSS product,
I'm not sure if we want to use the pluggable compression framework or if it's worth investigating
a different path. I think there's a lot of upside in reusing the sstable compression scheme,
but perhaps add a new component in cqlsh for table encryption and a corresponding field in
CFMD.
> Encryption configuration in the yaml can use the same mechanism as CASSANDRA-6018 (which
is currently pending internal review).



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message