Hi Rajini, updated the KIP to reflect the ordering of the providers passed
and added information about the configured providers taking precedence over
the login module providers in case of SASL. Also updated the config name.
Please take a look and if everything looks good, I can start a vote.
On F
Hi Harsha,
Since one provider can implement multiple things, excluding SASL may mean
not adding providers which implement any SASL mechanism even though you are
actually interested only in one SSL algorithm that also happens to be in
the provider. Perhaps it would be simpler to allow SASL as well,
Thanks Rajini .
> 4) The main difference between SSL and SASL is that for SSL, you register a
> provider with your own algorithm name and you specify your algorithm name
> in a separate config. This algorithm name can be anything you choose. For
> SASL, we register providers for standard SASL mech
Hi Sandeep/Harsha,
I don't have any major concerns about this KIP since it solves a specific
issue and is a relatively minor change. I am unconvinced about the SASL
case, but it probably is better to add as a config that can be used with
SASL as well in future anyway.
Just to complete the convers
Thanks for the details.
Rajini, Can you please take a look and let us know if these addresses your
concerns.
Thanks,
Harsha
On Mon, Jul 22, 2019, at 9:36 AM, Sandeep Mopuri wrote:
> Hi Rajini,
> Thanks for raising the above questions. Please find the
> replies below
>
> On Wed, Ju
Hi Rajini,
Thanks for raising the above questions. Please find the
replies below
On Wed, Jul 17, 2019 at 2:49 AM Rajini Sivaram
wrote:
> Hi Sandeep,
>
> Thanks for the KIP. A few questions below:
>
>1. Is the main use case for this KIP adding security providers for SSL?
>If
