Return-Path: 
 <cassandra-user-return-1589-apmail-incubator-cassandra-user-archive=incubator.apache.org@incubator.apache.org>
Delivered-To: apmail-incubator-cassandra-user-archive@minotaur.apache.org
Received: (qmail 76234 invoked from network); 2 Dec 2009 21:54:02 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 2 Dec 2009 21:54:02 -0000
Received: (qmail 26151 invoked by uid 500); 2 Dec 2009 21:54:01 -0000
Delivered-To: apmail-incubator-cassandra-user-archive@incubator.apache.org
Received: (qmail 26108 invoked by uid 500); 2 Dec 2009 21:54:01 -0000
Mailing-List: contact cassandra-user-help@incubator.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:cassandra-user-help@incubator.apache.org>
List-Unsubscribe: <mailto:cassandra-user-unsubscribe@incubator.apache.org>
List-Post: <mailto:cassandra-user@incubator.apache.org>
List-Id: <cassandra-user.incubator.apache.org>
Reply-To: cassandra-user@incubator.apache.org
Delivered-To: mailing list cassandra-user@incubator.apache.org
Received: (qmail 26098 invoked by uid 99); 2 Dec 2009 21:54:01 -0000
Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Dec 2009 21:54:01 +0000
X-ASF-Spam-Status: No, hits=-0.0 required=10.0
	tests=SPF_PASS
X-Spam-Check-By: apache.org
Received-SPF: pass (nike.apache.org: domain of jakers@gmail.com designates
 209.85.212.182 as permitted sender)
Received: from [209.85.212.182] (HELO mail-vw0-f182.google.com)
 (209.85.212.182)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 02 Dec 2009 21:53:52 +0000
Received: by vws12 with SMTP id 12so276293vws.12
        for <cassandra-user@incubator.apache.org>;
 Wed, 02 Dec 2009 13:53:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:received:received:message-id:from:to
         :in-reply-to:content-type:content-transfer-encoding:x-mailer
         :mime-version:subject:date:references;
        bh=9kpIPmMGObu1wfWGvWoKzHq6D2Pyb71Uqts05hf9Zdg=;
        b=qvRt9xqhHOdm07Q9uoEbJXRH9EYhlpwgaeeLuybgpOC4It9aPGF3AxEfEaQ+aawMOT
         Vkm4ajw2B7bnkAKgTLKWmM3+mLp1rXUh/lynPhqHPddQ/7bUWl7oFkeWF0dk5HGPD90/
         IfabjhyIdSHIZeSB9UKOUTK/BEiNaJnqMjo9w=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=message-id:from:to:in-reply-to:content-type
         :content-transfer-encoding:x-mailer:mime-version:subject:date
         :references;
        b=OLjAy+7AvVJEVUW0vPaQvWlpDuInXBOnu5B+oAQ6WZdjje9jjJ0xf8XoiZmoZ7EV4Y
         gr25tR6zxfbwodYoPl7wHgFJhj210Hjb3dNnk7pITn9lg5viF8D4WtLNNcjz5KqBG9JM
         uquC1TdhhGWbZKf1w1FpgjvicB1hPHjonbLFo=
Received: by 10.220.121.233 with SMTP id i41mr763132vcr.110.1259790811018;
        Wed, 02 Dec 2009 13:53:31 -0800 (PST)
Received: from ?10.134.18.198? (mobile-166-137-134-154.mycingular.net
 [166.137.134.154])
        by mx.google.com with ESMTPS id 21sm2993715vws.3.2009.12.02.13.53.27
        (version=TLSv1/SSLv3 cipher=RC4-MD5);
        Wed, 02 Dec 2009 13:53:29 -0800 (PST)
Message-Id: <28E305A6-9C8C-4016-BC1B-07FD9C9C0C06@gmail.com>
From: Jake Luciani <jakers@gmail.com>
To: "cassandra-user@incubator.apache.org"
 <cassandra-user@incubator.apache.org>
In-Reply-To: <e06563880912021342j5fd576dh6286ea06a1a99039@mail.gmail.com>
Content-Type: text/plain;
	charset=us-ascii;
	format=flowed;
	delsp=yes
Content-Transfer-Encoding: 7bit
X-Mailer: iPhone Mail (7C144)
Mime-Version: 1.0 (iPhone Mail 7C144)
Subject: Re: Cassandra access control
Date: Wed, 2 Dec 2009 16:53:04 -0500
References: <87eio6p7pb.fsf@lifelogs.com>
 <ff1a07b80912020713n2485e001x6a9df005d905b62f@mail.gmail.com>
 <87ljhljhv2.fsf@lifelogs.com> <1259784893.10676.32.camel@achilles>
 <87zl61i0kn.fsf@lifelogs.com> <1259786109.10676.35.camel@achilles>
 <ff1a07b80912021254v30d524qeafd3c3222e1b4d7@mail.gmail.com>
 <48011D13-469E-4D19-83CF-DE9292210B88@gmail.com>
 <764B352CF55C514F816B4B14BD2450D804114C45@bcs-mail04.internal.cacheflow.com>
 <C1DD281C-F5C2-4622-8FA7-EE9B2C4FE0AB@gmail.com>
 <e06563880912021342j5fd576dh6286ea06a1a99039@mail.gmail.com>
X-Virus-Checked: Checked by ClamAV on apache.org

Got it.

On Dec 2, 2009, at 4:42 PM, Jonathan Ellis <jbellis@gmail.com> wrote:

> It doesn't have to be the outside world, just apps from different
> groups.  Which is the whole (or at least, a major) reason we added
> multiple keyspaces.
>
> On Wed, Dec 2, 2009 at 3:38 PM, Jake Luciani <jakers@gmail.com> wrote:
>> If there is a use case to open a Cassandra cluster to the world  
>> then I
>> agree.
>>
>> Sent from my iPhone
>>
>> On Dec 2, 2009, at 4:24 PM, "Coe, Robin" <robin.coe@bluecoat.com>  
>> wrote:
>>
>>> NoSQL doesn't mean no security.  A production database engine has to
>>> protect its data.  The trick is to make the auth framework fast  
>>> enough
>>> that it doesn't adversely affect performance and robust enough  
>>> that an
>>> application requesting data doesn't have to jump through hoops to  
>>> get
>>> it.
>>>
>>> -----Original Message-----
>>> From: Jake Luciani [mailto:jakers@gmail.com]
>>> Sent: December 2, 2009 4:00 PM
>>> To: cassandra-user@incubator.apache.org
>>> Subject: Re: Cassandra access control
>>>
>>> +1 this is nosql afterall.
>>>
>>> Sent from my iPhone
>>>
>>> On Dec 2, 2009, at 3:54 PM, Mark Robson <markxr@gmail.com> wrote:
>>>
>>>> How about we make authentication optional, and have the protocol
>>>> being stateful only if you want to authenticate?
>>>>
>>>> That way we don't break backwards compatibility or introduce extra
>>>> complexity for people who don't need it.
>>>>
>>>> Mark
>>