zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Abraham Fine (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (ZOOKEEPER-236) SSL Support for Atomic Broadcast protocol
Date Tue, 07 Mar 2017 06:32:33 GMT

    [ https://issues.apache.org/jira/browse/ZOOKEEPER-236?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15898820#comment-15898820
] 

Abraham Fine commented on ZOOKEEPER-236:
----------------------------------------

Hi [~geek101]-

Thanks for letting me know about the work that you have done. I apologize if I have missed
it somewhere else in JIRA. Hopefully we can combine efforts here.

I wanted to discuss about the way that certificates are being handled in your patch, which
I think is a fundamental difference in our two approaches (which I think is based on different
operational assumptions).

Your patch, and please correct me if I am wrong, appears to use self signed certs on each
node and a fingerprint (passed through the configuration system) as a mechanism of verification.
This makes zookeeper self contained and easy to manage.

My patch assumes certificates are likely not self signed and some public key (or possibly
keys) are available in the trust store that would be able to authenticate all zk servers.
I think this has the advantage of making it much more difficult for unauthorized servers to
join a quorum as they would need to have access to the CA that was used to generate the keys
in the truststore. In addition, I needed to make minimal changes to the config system.

What do you think is the best path forward?

Abe

> SSL Support for Atomic Broadcast protocol
> -----------------------------------------
>
>                 Key: ZOOKEEPER-236
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-236
>             Project: ZooKeeper
>          Issue Type: New Feature
>          Components: quorum, server
>            Reporter: Benjamin Reed
>            Assignee: Abraham Fine
>            Priority: Minor
>
> We should have the ability to use SSL to authenticate and encrypt the traffic between
ZooKeeper servers. For the most part this is a very easy change. We would probably only want
to support this for TCP based leader elections.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message