hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alejandro Abdelnur (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HADOOP-10757) KeyProvider KeyVersion should provide the key name
Date Fri, 27 Jun 2014 00:22:24 GMT

    [ https://issues.apache.org/jira/browse/HADOOP-10757?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14045370#comment-14045370

Alejandro Abdelnur commented on HADOOP-10757:

The {{KMSClientProvider}} and the {{KMS}} REST API must handle the name explicitly because
the {{KeyProvider}} configured in the {{KMS}} may handle it explicitly as well.

> KeyProvider KeyVersion should provide the key name
> --------------------------------------------------
>                 Key: HADOOP-10757
>                 URL: https://issues.apache.org/jira/browse/HADOOP-10757
>             Project: Hadoop Common
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 3.0.0
>            Reporter: Alejandro Abdelnur
>            Assignee: Arun Suresh
> Currently the {{KeyVersion}} does not provide a way to get the key name to do a reverse
lookup to get the metadata of the key.
> For the {{JavaKeyStoreProvider}} and the {{UserProvider}} this is not an issue because
the key name is encoded in the key version name. 
> This encoding of the key name in the key version name cannot be expected in all KeyProvider
implementations. It is common for key management systems to use UUID to refer to specific
key materials (KeyVersions in Hadoop parlance).

This message was sent by Atlassian JIRA

View raw message