You are viewing a plain text version of this content. The canonical link for it is here.

Posted to hdfs-dev@hadoop.apache.org by "Jerry Chen (JIRA)" <ji...@apache.org> on 2016/03/04 04:46:40 UTC

[jira] [Created] (HDFS-9899) The implication of auth-conf is not followed in optimized HDFS data transfer encryption

Jerry Chen created HDFS-9899:
--------------------------------

             Summary: The implication of auth-conf is not followed in optimized HDFS data transfer encryption
                 Key: HDFS-9899
                 URL: https://issues.apache.org/jira/browse/HDFS-9899
             Project: Hadoop HDFS
          Issue Type: Bug
          Components: encryption
    Affects Versions: 2.6.0
            Reporter: Jerry Chen


HDFS-6606 provided an optimized way of HDFS data transfer encryption. The optimized encryption is build on top of SASL wrap/unwrap when auth-conf is configured.

When user specifies auth-conf, he wants both integrity and confidential. While the current implementation of the optimization implements only confidential with AES/CTR and there is no integrity grantees, which means the implications of auth-conf were not strictly followed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)