Thank you Alex. I was hoping session key might be used to encrypt meta data.
Thanks, Mary On Mon, Sep 23, 2024, 1:24 AM Alex Hussein-Kershaw (HE/HIM) < alex...@microsoft.com> wrote: > Feels like you answered your own question here - why not just use HTTPS > for your multisite sync? > > I'm not aware of any other encryption mechanisms for metadata (I guess > using SSE encryption for your data may save that going over in plain text) > and would assume that just using HTTP would indeed be a security risk. > > ------------------------------ > *From:* maryzhang0...@gmail.com <maryzhang0...@gmail.com> > *Sent:* Thursday, September 19, 2024 6:01 AM > *To:* ceph-users@ceph.io <ceph-users@ceph.io> > *Subject:* [EXTERNAL] [ceph-users] Multisite sync: is metadata > transferred in plain text? > > Hi, > > We have a multisite Ceph configuration, with http (not https) sync > endpoints. Are all sync traffic in plain text? > We have concerns about metadata. For example, when syncing a newly created > user and its access key and secret key from the Master zone to a secondary > zone, is this traffic in plain text? If so, what are options to encrypt it? > > Thank you, > Mary > _______________________________________________ > ceph-users mailing list -- ceph-users@ceph.io > To unsubscribe send an email to ceph-users-le...@ceph.io > _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
