You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mesos.apache.org by "Niklas Quarfot Nielsen (JIRA)" <ji...@apache.org> on 2014/05/02 23:20:15 UTC

[jira] [Commented] (MESOS-910) Add encryption support for master/slave/framework channels

    [ https://issues.apache.org/jira/browse/MESOS-910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13988264#comment-13988264 ] 

Niklas Quarfot Nielsen commented on MESOS-910:
----------------------------------------------

I think it makes sense to think in terms of different low or middle layer transports which we could capture connection life-cycles and network send/receive primitives in a much explicit manner than currently in libprocess. If that sounds reasonable to use, I will go ahead and create a ticket for such an abstraction and move this discussion to a subtask of the new one.

Thoughts?

> Add encryption support for master/slave/framework channels
> ----------------------------------------------------------
>
>                 Key: MESOS-910
>                 URL: https://issues.apache.org/jira/browse/MESOS-910
>             Project: Mesos
>          Issue Type: Story
>          Components: general, libprocess
>            Reporter: Adam B
>              Labels: encryption, security
>
> Currently all the messages that flow through the Mesos cluster are unencrypted making it possible for intruders to intercept and potentially control your task. We plan to add encryption support by adding SSL/TLS support to libprocess, the low-level communication library that Mesos uses for all network communication between Mesos components.
> As a first step, we should replace the hand-coded http code in libprocess with a standard library, ensuring that any mesos custom code like routing remains. Then, transition to https should be easier.



--
This message was sent by Atlassian JIRA
(v6.2#6252)