Jerry Chen created HDFS-9899:
--------------------------------
Summary: The implication of auth-conf is not followed in optimized
HDFS data transfer encryption
Key: HDFS-9899
URL: https://issues.apache.org/jira/browse/HDFS-9899
Project: Hadoop HDFS
Issue Type: Bug
Components: encryption
Affects Versions: 2.6.0
Reporter: Jerry Chen
HDFS-6606 provided an optimized way of HDFS data transfer encryption. The
optimized encryption is build on top of SASL wrap/unwrap when auth-conf is
configured.
When user specifies auth-conf, he wants both integrity and confidential. While
the current implementation of the optimization implements only confidential
with AES/CTR and there is no integrity grantees, which means the implications
of auth-conf were not strictly followed.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
