Oops, I had sent the following note, but it was sent as a response to Jun
Rao and I didn't realize it wasn't sent to dev list. Thanks for pointing
out, Ismael. The KIP has been moved to adopted list.
*This vote has passed with three binding (Gwen, Jun, Ismael) and three
non-binding votes (Mickael
Rajini, I think it's time to declare this vote as successful. :)
Ismael
On Wed, Dec 21, 2016 at 10:57 AM, Rajini Sivaram
wrote:
> Jun,
>
> The KIP currently proposes to add 4 SASL mechanisms SCRAM-SHA-224,
> SCRAM-SHA-256, SCRAM-SHA-384 and SCRAM-SHA-512. Ismael suggested supporting
> just SCRA
Jun,
The KIP currently proposes to add 4 SASL mechanisms SCRAM-SHA-224,
SCRAM-SHA-256, SCRAM-SHA-384 and SCRAM-SHA-512. Ismael suggested supporting
just SCRAM-SHA-256 and SCRAM-SHA-512 to make it easier for non-Java client
support. What do you think?
Thank you,
Rajini
On Fri, Dec 2, 2016 at 2:
Jun,
Any thoughts on reducing the number of mechanisms and supporting only
SCRAM-SHA-256 and SCRAM-SHA-512?
Thank you,
Rajini
On Fri, Dec 2, 2016 at 2:44 PM, Ismael Juma wrote:
> Thanks Rajini. Let's see what Jun says about limiting the number of SHA
> variants. Either way, +1 from me.
>
> Is
Ismael,
1. Jun had suggested added the full list of SHA-nnn in the [DISCUSS]
thread. I am ok with limiting to a smaller number if required.
3. Added a section on security considerations to the KIP.
Thank you,
Rajini
On Thu, Dec 1, 2016 at 4:22 PM, Ismael Juma wrote:
> Hi Rajini,
>
> Sorry fo
Thanks Rajini. Let's see what Jun says about limiting the number of SHA
variants. Either way, +1 from me.
Ismael
On Fri, Dec 2, 2016 at 2:40 PM, Rajini Sivaram wrote:
> Ismael,
>
> 1. Jun had suggested added the full list of SHA-nnn in the [DISCUSS]
> thread. I am ok with limiting to a smaller
Hi Rajini,
Sorry for the delay. For some reason, both of your replies (for this and
KIP-85) were marked as spam by Gmail. Comments inline.
On Mon, Nov 28, 2016 at 3:47 PM, Rajini Sivaram <
rajinisiva...@googlemail.com> wrote:
>
> 1. I think you had asked earlier for SCRAM-SHA-1 to be removed sinc
Hi Ismael,
Thank you for the review.
1. I think you had asked earlier for SCRAM-SHA-1 to be removed since it is
not secure :-) I am happy to add that back in so that clients which don't
have access to a more secure algorithm can use it. But it would be a shame
to prevent users who only need Java
Hi Rajini,
Thanks for the KIP. I am in favour of introducing SCRAM as an additional
SASL mechanism. A few comments:
1. Magnus raised the point that cyrus-sasl currently only
implements SCRAM-SHA-1, so having a larger number of variants will involve
more work for non-Java clients. Do we really nee
Another committer vote is needed for this to go through. Anyone have time
to review?
Thank you!
On Tue, Nov 15, 2016 at 6:26 PM, Gwen Shapira wrote:
> +1
>
> On Mon, Nov 14, 2016 at 5:57 AM, Rajini Sivaram
> wrote:
> > Hi all,
> >
> > I would like to initiate the voting process for *KIP-84: Su
Radai,
I don't have a strong objection to using a more verbose format. But the
reasons for choosing the cryptic s=,t=,... format:
1. Unlike other properties like quotas stored in Zookeeper which need to
be human readable in order to query the values, these values only need to
be parsed b
+1
On Mon, Nov 14, 2016 at 5:57 AM, Rajini Sivaram
wrote:
> Hi all,
>
> I would like to initiate the voting process for *KIP-84: Support SASL/SCRAM
> mechanisms*:
>
> https://cwiki.apache.org/confluence/display/KAFKA/KIP-84%3A+Support+SASL+SCRAM+mechanisms
>
> This KIP adds support for four SCRAM
3AU
From: Rajini Sivaram
To: dev@kafka.apache.org
Date: 15/11/2016 11:00
Subject:Re: [VOTE] KIP-84: Support SASL SCRAM mechanisms
Jun,
Thank you, I have made the updates to the KIP.
On Tue, Nov 15, 2016 at 12:34 AM, Jun Rao wrote:
> Hi, Rajini,
>
> Thanks for the
small nitpick - given that s,t,k and i are used as part of a rather large
CSV format, what is the gain in having them be single letter aliases?
in other words - why not salt=... , serverKey=... , storedKey=... ,
iterations=... ?
On Tue, Nov 15, 2016 at 7:26 AM, Mickael Maison
wrote:
> +1
>
> On
+1
On Tue, Nov 15, 2016 at 10:57 AM, Rajini Sivaram
wrote:
> Jun,
>
> Thank you, I have made the updates to the KIP.
>
> On Tue, Nov 15, 2016 at 12:34 AM, Jun Rao wrote:
>
>> Hi, Rajini,
>>
>> Thanks for the proposal. +1. A few minor comments.
>>
>> 30. Could you add that the broker config sasl.
Jun,
Thank you, I have made the updates to the KIP.
On Tue, Nov 15, 2016 at 12:34 AM, Jun Rao wrote:
> Hi, Rajini,
>
> Thanks for the proposal. +1. A few minor comments.
>
> 30. Could you add that the broker config sasl.enabled.mechanisms can now
> take more values?
>
> 31. Could you document t
Hi, Rajini,
Thanks for the proposal. +1. A few minor comments.
30. Could you add that the broker config sasl.enabled.mechanisms can now
take more values?
31. Could you document the meaning of s,t,k,i used in /config/users/alice
in ZK?
32. In the rejected section, could you document why we decid
Hi all,
I would like to initiate the voting process for *KIP-84: Support SASL/SCRAM
mechanisms*:
https://cwiki.apache.org/confluence/display/KAFKA/KIP-84%3A+Support+SASL+SCRAM+mechanisms
This KIP adds support for four SCRAM mechanisms (SHA-224, SHA-256, SHA-384
and SHA-512) for SASL authenticati
18 matches
Mail list logo
