merlimat commented on a change in pull request #350: Issue 349: Documentation for security feature in 4.5.0 URL: https://github.com/apache/bookkeeper/pull/350#discussion_r130791526
########## File path: site/docs/security/tls.md ########## @@ -0,0 +1,178 @@ +--- +title: Encryption and Authentication using TLS +prev: ../index.html +next: ../sasl +--- + +Apache BookKeeper allows clients and autorecovery daemons to communicate over TLS, although this is not enabled by default. + +## Overview + +The bookies and clients need their own key and certificate in order to use TLS. The key is used for encryption, while the Review comment: > clients need their own key and certificate If you only want to do encryption, in general there's no need for the client to configure a certificate. A self-signed certificate should be created on the spot. (I have not checked if it's actually true in the current implementation) ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
