You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@kafka.apache.org by Dhruvil Shah <dh...@confluent.io> on 2018/05/19 17:10:02 UTC

[DISCUSS] KIP-306: Configuration for Delaying Response to Failed Client Authentication

Hi,

I created a KIP that proposes we add a broker configuration to delay
responses to failed client authentication. This will help prevent DoS-like
situations because of a misconfigured application trying to connect with
incorrect or stale credentials over and over again.

Link to the KIP:
https://cwiki.apache.org/confluence/display/KAFKA/KIP-306%3A+Configuration+for+Delaying+Response+to+Failed+Client+Authentication

Because this is a fairly short and straightforward KIP, I will start a vote
tomorrow if there are no major objections.

Suggestions and feedback are welcome!

Thanks,
Dhruvil