cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From aaron morton <aa...@thelastpickle.com>
Subject Re: SSL & Streaming
Date Mon, 13 Jun 2011 23:34:48 GMT
Sasha does https://github.com/apache/cassandra/blob/cassandra-0.8.0/conf/cassandra.yaml#L362
help ?

A


-----------------
Aaron Morton
Freelance Cassandra Developer
@aaronmorton
http://www.thelastpickle.com

On 13 Jun 2011, at 23:26, AJ wrote:

> Performance-wise, I think it would be better to just let the client encrypt sensitive
data before storing it, versus encrypting all traffic all the time.  If individual values
are encrypted, then they don't have to be encrypted/decrypted during transit between nodes
during the initial updates as well as during the commissioning of a new node or other times.
> 
> A drawback, however, is now you have to manage one or more keys for the lifetime of the
data.  It will also complicate your data view interfaces.  However, if Cassandra had data
encryption built-in somehow, that would solve this problem... just thinking out loud.
> 
> Can anyone think of other pro/cons of both strategies?
> 
> On 3/22/2011 2:21 AM, Sasha Dolgy wrote:
>> Hi,
>> 
>> Is there documentation available anywhere that describes how one can
>> use org.apache.cassandra.security.streaming.* ?   After the EC2 posts
>> yesterday, one question I was asked was about the security of data
>> being shifted between nodes.  Is it done in clear text, or
>> encrypted..?  I haven't seen anything to suggest that it's encrypted,
>> but see in the source that security.streaming does leverage SSL ...
>> 
>> Thanks in advance for some pointers to documentation.
>> 
>> Also, for anyone who is using SSL .. how much of a performance impact
>> have you noticed?  Is it minimal or significant?
>> 
> 


Mime
View raw message