Return-Path: 
 <common-issues-return-57945-apmail-hadoop-common-issues-archive=hadoop.apache.org@hadoop.apache.org>
X-Original-To: apmail-hadoop-common-issues-archive@minotaur.apache.org
Delivered-To: apmail-hadoop-common-issues-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 8568A10ED6
	for <apmail-hadoop-common-issues-archive@minotaur.apache.org>;
 Fri, 14 Feb 2014 23:19:24 +0000 (UTC)
Received: (qmail 15672 invoked by uid 500); 14 Feb 2014 23:19:23 -0000
Delivered-To: apmail-hadoop-common-issues-archive@hadoop.apache.org
Received: (qmail 15517 invoked by uid 500); 14 Feb 2014 23:19:21 -0000
Mailing-List: contact common-issues-help@hadoop.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:common-issues-help@hadoop.apache.org>
List-Unsubscribe: <mailto:common-issues-unsubscribe@hadoop.apache.org>
List-Post: <mailto:common-issues@hadoop.apache.org>
List-Id: <common-issues.hadoop.apache.org>
Reply-To: common-issues@hadoop.apache.org
Delivered-To: mailing list common-issues@hadoop.apache.org
Received: (qmail 15489 invoked by uid 99); 14 Feb 2014 23:19:21 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 14 Feb 2014 23:19:21 +0000
Date: Fri, 14 Feb 2014 23:19:21 +0000 (UTC)
From: "Daryn Sharp (JIRA)" <jira@apache.org>
To: common-issues@hadoop.apache.org
Message-ID: <JIRA.12687727.1389126815492.46921.1392419961123@arcas>
In-Reply-To: <JIRA.12687727.1389126815492@arcas>
References: <JIRA.12687727.1389126815492@arcas>
Subject: [jira] [Commented] (HADOOP-10211) Enable RPC protocol to negotiate
 SASL-QOP values between clients and servers
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/HADOOP-10211?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13902104#comment-13902104 ] 

Daryn Sharp commented on HADOOP-10211:
--------------------------------------

+1  Nice!


> Enable RPC protocol to negotiate SASL-QOP values between clients and servers
> ----------------------------------------------------------------------------
>
>                 Key: HADOOP-10211
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10211
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 2.2.0
>            Reporter: Benoy Antony
>            Assignee: Benoy Antony
>         Attachments: HADOOP-10211.patch, HADOOP-10211.patch, HADOOP-10211.patch, HADOOP-10211.patch, HADOOP-10211.patch, HADOOP-10221.sample
>
>
> SASL allows different types of protection are referred to as the quality of protection (qop). It is negotiated between the client and server during the authentication phase of the SASL exchange. Currently hadoop allows specifying a single QOP value  via _hadoop.rpc.protection_. 
> The enhancement enables a user to specify multiple QOP values -  _authentication_, _integrity_, _privacy_ as a comma separated list via _hadoop.rpc.protection_
> The client and server can have different set of values for  _hadoop.rpc.protection_ and they will negotiate to determine the QOP to be used for communication.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)