Hi Duong/Weichiu @anu, IMO, ARP spoofing is not possible,
- The secret key is shared with the *registered DN*, which is registered with SCM securely (similar to the private certificate of the DN generated by SCM).
- Secret key validity is 7 days (configurable), which reduces the impact of a leak of the secret key.

SCM to client to DN: the hash value is generated using the secret key for the token, so it is not possible to generate the same hash with tampering.

It's agreed that the shared key is more vulnerable than the Private/Public Key pair approach, but considering the performance as required, the secret key is much better. And considering the existing mechanism of sharing secret keys, it seems safe to continue.

It looks good to me. binding +1

Regards
Sumit

On Thu, Jun 1, 2023 at 12:01 AM Uma Maheswara Rao Gangumalla <umaganguma...@gmail.com> wrote:

> This is hadoop bylaw:
>
> - Code Change
>
>   A change made to a codebase of the project and committed by a committer.
>   This includes source code, documentation, website content, etc.
>
>   Consensus approval of active committers, but with a minimum of one +1.
>   The code can be committed after the first +1, unless the code change
>   represents a merge from a branch, in which case three +1s are required.
>
> https://hadoop.apache.org/bylaws.html
>
> Regards,
> Uma
>
> On Wed, May 31, 2023 at 11:29 AM Siddharth Wagle <swa...@apache.org> wrote:
>
> > @Wei-Chiu Chuang <weic...@cloudera.com> AFAIK we adopted Hadoop bylaws. So
> > it should be 3 committer +1s, right?
> >
> > - Sid
> >
> > On Wed, May 31, 2023 at 11:17 AM Wei-Chiu Chuang <weic...@apache.org> wrote:
> >
> > > What does it take to pass a vote? Does it require PMCs or can any
> > > contributors vote?
> > > I checked around and don't think there are Apache org-wide bylaws
> > > dictating branch merge votes. And we don't have bylaws for the Ozone
> > > project itself.
> > >
> > > On Wed, May 31, 2023 at 11:08 AM Uma Maheswara Rao Gangumalla <umaganguma...@gmail.com> wrote:
> > >
> > > > Thank you Duong for the update. I don't have any objections to it.
> > > > If no further objections, probably let's start a vote thread in a day
> > > > or two?
> > > >
> > > > Regards,
> > > > Uma
> > > >
> > > > On Tue, May 30, 2023 at 5:10 PM Duong Nguyen <du...@cloudera.com.invalid> wrote:
> > > >
> > > > > Thanks for the review, Uma.
> > > > >
> > > > > I've updated the JIRA title to remove DFSIO. We only want to test OM
> > > > > pure performance and DFSIO is not mandatory.
> > > > >
> > > > > Thanks,
> > > > > Duong
> > > > >
> > > > > On Tue, May 30, 2023 at 11:33 AM Uma Maheswara Rao Gangumalla <umaganguma...@gmail.com> wrote:
> > > > >
> > > > > > Overall it looks good to me.
> > > > > > I have a quick question regarding the Performance section in the
> > > > > > checklist. Your referred JIRA is saying DFSIO, but I see results of
> > > > > > Freon and FSPerfTest. Are you planning to take the DFSIO test as
> > > > > > well? Or you may want to update your JIRA title to reflect the
> > > > > > results you posted from?
> > > > > >
> > > > > > Regards,
> > > > > > Uma
> > > > > >
> > > > > > On Fri, May 19, 2023 at 5:05 PM Duong Nguyen <du...@apache.org> wrote:
> > > > > >
> > > > > > > Dear Ozone Devs,
> > > > > > >
> > > > > > > I would like to start this discussion thread for the proposal to
> > > > > > > merge HDDS-7733-Symmetric-Tokens to master.
> > > > > > >
> > > > > > > This feature branch contains the implementation to replace the
> > > > > > > costly token signature generation using asymmetric (RSA) keys with
> > > > > > > symmetric key algorithms, like HMAC with SHA256. Symmetric key
> > > > > > > algorithms bring a much better performance and are the natural fit
> > > > > > > for Ozone token use case. Yet, they require building a mechanism to
> > > > > > > generate, store, distribute, and renew symmetric secret keys. That
> > > > > > > requirement is not trivial and has to be split into smaller tasks
> > > > > > > that cannot be shipped individually. That is the reason why the
> > > > > > > implementation of HDDS-7733
> > > > > > > <https://issues.apache.org/jira/browse/HDDS-7733> happens in a
> > > > > > > separate feature branch.
> > > > > > >
> > > > > > > HDDS-7733 is not a new feature but an internal redesign for Ozone
> > > > > > > tokens to improve OM performance/Ozone scalability. Apart from the
> > > > > > > existing integration and acceptance tests which should already
> > > > > > > cover the usage of tokens pretty well, we also added E2E test cases
> > > > > > > to cover the edge cases related to the symmetric secret keys
> > > > > > > life-cycle, as per HDDS-8003
> > > > > > > <https://issues.apache.org/jira/browse/HDDS-8003>.
> > > > > > >
> > > > > > > More information can be found on the wiki page:
> > > > > > >
> > > > > > > https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=255070328
> > > > > > >
> > > > > > > If there are no objections to the merge, we could start the
> > > > > > > official vote.
> > > > > > >
> > > > > > > Thanks,
> > > > > > > Duong

--
*Sumit Agrawal* | Senior Staff Engineer
cloudera.com <https://www.cloudera.com>
------------------------------
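
The scheme discussed in this thread (tokens authenticated with HMAC-SHA256 under a shared secret key that is valid for 7 days and held only by registered verifiers), as an added Python example that is not part of the thread and is not Ozone's code. The names `SecretKey`, `issue_token`, `verify_token` and the token layout are hypothetical.

```python
import hashlib, hmac, json, os
from dataclasses import dataclass

KEY_VALIDITY_SECS = 7 * 24 * 3600   # 7-day validity mentioned in the thread

@dataclass(frozen=True)
class SecretKey:                    # hypothetical model of a managed secret key
    key_id: str
    material: bytes
    expires_at: float

def _mac(key, claims):
    # Canonical encoding so signer and verifier hash identical bytes.
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key.material, body, hashlib.sha256).hexdigest()

def issue_token(key, claims, now):
    """Signer side: bind the claims to the key id, then tag with HMAC-SHA256."""
    if now >= key.expires_at:
        raise ValueError("signing key expired; rotate first")
    signed = dict(claims, key_id=key.key_id)
    return {"claims": signed, "mac": _mac(key, signed)}

def verify_token(token, keyring, now):
    """Verifier side: returns (ok, reason). keyring maps key_id -> SecretKey."""
    claims = token["claims"]
    key = keyring.get(claims.get("key_id"))
    if key is None:
        return False, "unknown key id"
    if now >= key.expires_at:
        return False, "secret key expired"
    # Constant-time comparison avoids leaking how many MAC bytes matched.
    if not hmac.compare_digest(_mac(key, claims), token["mac"]):
        return False, "mac mismatch"
    if now >= claims["expires_at"]:
        return False, "token expired"
    return True, "ok"

def demo():
    t0 = 1_700_000_000.0                      # constructed timestamp
    key = SecretKey("k1", os.urandom(32), t0 + KEY_VALIDITY_SECS)
    keyring = {key.key_id: key}               # what a registered verifier holds
    claims = {"block": "b-1", "mode": "READ", "expires_at": t0 + 600}
    tok = issue_token(key, claims, t0)
    tampered = {"claims": dict(tok["claims"], mode="WRITE"), "mac": tok["mac"]}
    return {
        "valid": verify_token(tok, keyring, t0 + 1),
        "tampered": verify_token(tampered, keyring, t0 + 1),
        "unregistered": verify_token(tok, {}, t0 + 1),
        "key_expired": verify_token(tok, keyring, t0 + KEY_VALIDITY_SECS),
    }
```

Anyone holding the key material can also mint tokens, which is the trade-off against the private/public key pair approach acknowledged above; the key expiry check bounds how long a leaked key stays useful.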