You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@spark.apache.org by "zoli (Jira)" <ji...@apache.org> on 2021/10/12 14:51:00 UTC

[jira] [Updated] (SPARK-36988) What ciphers spark support for internode communication?

     [ https://issues.apache.org/jira/browse/SPARK-36988?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

zoli updated SPARK-36988:
-------------------------
    Summary: What ciphers spark support for internode communication?  (was: What chipers spark support for internode communication?)

> What ciphers spark support for internode communication?
> -------------------------------------------------------
>
>                 Key: SPARK-36988
>                 URL: https://issues.apache.org/jira/browse/SPARK-36988
>             Project: Spark
>          Issue Type: Question
>          Components: Security
>    Affects Versions: 3.1.2
>            Reporter: zoli
>            Priority: Minor
>
> {{Spark documentation mentions this:}}
>  {{[https://spark.apache.org/docs/3.0.0/security.html]}}
> {code:java}
> spark.network.crypto.config.*
> "Configuration values for the commons-crypto library, such as which cipher implementations to use. The config name should be the name of commons-crypto configuration without the commons.crypto prefix."{code}
> {{What this means?}}
>  {{If I leave it to None what will happen? There won't be any encryption used or will it fallback to some default one?}}
>  {{The common-crypto mentions that it uses JCE or OPENSSL implementations, but says nothing about the ciphers.}}
>  {{Does it support everything the given JVM does?}}
> {{The documentation is vague on this.}}
> {{However the spark ui part for the security is clear:}}
> {code:java}
> ${ns}.enabledAlgorithms
> A comma-separated list of ciphers. The specified ciphers must be supported by JVM. The reference list of protocols can be found in the "JSSE Cipher Suite Names" section of the Java security guide. The list for Java 8 can be found at this page. Note: If not set, the default cipher suite for the JRE will be used.{code}
> {{ }}
>  {{So what will happen if I leave spark.network.crypto.config.* to None?}}
>  {{And what ciphers are supported?}}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@spark.apache.org
For additional commands, e-mail: issues-help@spark.apache.org