cool, I just added you to the invite On Tue, Sep 16, 2014 at 10:57 AM, Harsha <ka...@harsha.io> wrote:
> Hi Joe, > I am interested in joining the efforts. I went through apache > storm security with kerberos so I can bring some of that > experience into the discussion. > Thanks, > Harsha > > On Tue, Sep 16, 2014, at 10:37 AM, Joe Stein wrote: > > Hi Andrew, yes the meeting took place and we plan to-do it every two > > weeks > > (same bat time, same bat channel) moving forward. > > > > In attendance was Michael Herstine (LinkedIn), Arvind Mani (LinkedIn), > > Gwen > > Shapira (Cloudera) and myself. > > > > Gwen updated the wiki after our discussion. Basically we are thinking of > > using 3 ports one for plain text (so like it is now), one for SASL > > (implementing username/password and kerberos at least) and one for SSL > > and > > they will all be configurable on/off. Some investigation is going on now > > to see about how we can do this without making any wire protocol changes > > (ideal) or minimal changes at least. > > > > Let me know and I can add you to the invite if you would like to > > contribute > > the more help and input the better for sure. > > > > Also in regards to KAFKA-1477 I just asked Ivan to update the patch to > > latest trunk and we could (demand required) make a patch that works with > > 0.8.1.X too for folks to use... This doesn't work yet with the new > > producer > > (TBD) or any other clients so be aware it is not yet baked in and from > > release project perspective I don't know what in that patch will survive > > (hopefully all of it). > > > > /******************************************* > > Joe Stein > > Founder, Principal Consultant > > Big Data Open Source Security LLC > > http://www.stealth.ly > > Twitter: @allthingshadoop <http://www.twitter.com/allthingshadoop> > > ********************************************/ > > > > On Tue, Sep 16, 2014 at 10:17 AM, Andrew Psaltis > > <psaltis.and...@gmail.com> > > wrote: > > > > > Hi, > > > I was just reading the recent changes to: > > > https://cwiki.apache.org/confluence/display/KAFKA/Security after > getting > > > off a call about Kafka security and how we are jumping through hoops -- > > > like having PGP keys on the consumers and producers to get around the > lack > > > of SSL support. Did the meeting that Joe proposed happen for Sept 9th > > > happen? If not is there a plan to have it? I was also looking at: > > > https://issues.apache.org/jira/browse/KAFKA-1477 and it seems like > there > > > have been no comments since 11/08/2014. I would be interested in > helping > > > with the TLS/SSL support as we have a need for it now. > > > > > > Thanks, > > > Andrew > > > >
