You are viewing a plain text version of this content. The canonical link for it is here.
Posted to hdfs-dev@hadoop.apache.org by "Jerry Chen (JIRA)" <ji...@apache.org> on 2016/03/04 04:46:40 UTC
[jira] [Created] (HDFS-9900) The implication of auth-conf is not
followed in optimized HDFS data transfer encryption
Jerry Chen created HDFS-9900:
--------------------------------
Summary: The implication of auth-conf is not followed in optimized HDFS data transfer encryption
Key: HDFS-9900
URL: https://issues.apache.org/jira/browse/HDFS-9900
Project: Hadoop HDFS
Issue Type: Bug
Components: encryption
Affects Versions: 2.6.0
Reporter: Jerry Chen
HDFS-6606 provided an optimized way of HDFS data transfer encryption. The optimized encryption is build on top of SASL wrap/unwrap when auth-conf is configured.
When user specifies auth-conf, he wants both integrity and confidential. While the current implementation of the optimization implements only confidential with AES/CTR and there is no integrity grantees, which means the implications of auth-conf were not strictly followed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)