Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 88433200BBB for ; Thu, 10 Nov 2016 11:22:00 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 86D50160B14; Thu, 10 Nov 2016 10:22:00 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id CCCEB160AF6 for ; Thu, 10 Nov 2016 11:21:59 +0100 (CET) Received: (qmail 52221 invoked by uid 500); 10 Nov 2016 10:21:58 -0000 Mailing-List: contact commits-help@cassandra.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cassandra.apache.org Delivered-To: mailing list commits@cassandra.apache.org Received: (qmail 52180 invoked by uid 99); 10 Nov 2016 10:21:58 -0000 Received: from arcas.apache.org (HELO arcas) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 10 Nov 2016 10:21:58 +0000 Received: from arcas.apache.org (localhost [127.0.0.1]) by arcas (Postfix) with ESMTP id B82EF2C4C77 for ; Thu, 10 Nov 2016 10:21:58 +0000 (UTC) Date: Thu, 10 Nov 2016 10:21:58 +0000 (UTC) From: "Stefan Podkowinski (JIRA)" To: commits@cassandra.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (CASSANDRA-10404) Node to Node encryption transitional mode MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 archived-at: Thu, 10 Nov 2016 10:22:00 -0000 [ https://issues.apache.org/jira/browse/CASSANDRA-10404?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15653670#comment-15653670 ] Stefan Podkowinski commented on CASSANDRA-10404: ------------------------------------------------ Looks like with CASSANDRA-8457 it's rather trivial to implement both encrypted and unencrypted messaging on the same port based on the implementation that we added in CASSANDRA-10559 for client-to-node. See my version of [NettyFactory|https://github.com/spodkowinski/cassandra/commit/66b9b5bfbe7b525ebb50bd6d9c3f6148a1fa19d9]. But how would we handle such transition when it comes to used storage_ports? I think CASSANDRA-7544 would be really nice to have here, as we could simply stick to a single port with optional encryption for ssl nodes, without having to worry how outgoing connections can determine which port to connect to, depending whether the target node would already have been switched to ssl or not. > Node to Node encryption transitional mode > ----------------------------------------- > > Key: CASSANDRA-10404 > URL: https://issues.apache.org/jira/browse/CASSANDRA-10404 > Project: Cassandra > Issue Type: New Feature > Reporter: Tom Lewis > Assignee: Jason Brown > > Create a transitional mode for encryption that allows encrypted and unencrypted traffic node-to-node during a change over to encryption from unencrypted. This alleviates downtime during the switch. > This is similar to https://issues.apache.org/jira/browse/CASSANDRA-8803 which is intended for client-to-node -- This message was sent by Atlassian JIRA (v6.3.4#6332)