Questions regarding Kafka-1477

[Jan Filipiak <Ja...@trivago.com>]

Hi,

just out of curiosity and because of Eugene's email, I browsed 
Kafka-1477 and it talks about SSL alot. So I thought I might throw in 
this http://tools.ietf.org/html/rfc7568 RFC. It basically says move away 
from SSL now and only do TLS. The title of the ticket still mentions TLS 
but afterwards its only SSL, haven't looked at any patches or library 
code so I can't really judge what's going on.

Further I found people starting to talk about sendfile(2) TLS support, 
here for example https://people.freebsd.org/~rrs/asiabsd_2015_tls.pd 
<https://people.freebsd.org/%7Errs/asiabsd_2015_tls.pd>f. So maybe we 
can keep this door open that at some point the Kernel will be able to do 
TLS for us?





On 02.07.2015 22:24, eugene miretsky wrote:
> HI,
>
> There is some work being done on security in Kafka:
> Confluence: https://cwiki.apache.org/confluence/display/KAFKA/Security
> Jira: https://issues.apache.org/jira/browse/KAFKA-1682
>
> It seems like the main blockers are KAFKA-1477
> <https://issues.apache.org/jira/browse/KAFKA-1477>, KAFKA-1691
> <https://issues.apache.org/jira/browse/KAFKA-1691>  and KAFKA-1690
> <https://issues.apache.org/jira/browse/KAFKA-1690>.
>
> Is there an anticipated road map for when all the security features will be
> done and merged in to trunk?
>
(