Hi Joe,

For #2, if brokers and clients trust a certain certificate authority (CA),
you should be able to just sign a new certificate with that CA (without
having to explicitly share said cert with all parties).

- Samuel

On Fri, Jun 23, 2017 at 3:10 AM, Joe San <codeintheo...@gmail.com> wrote:

> Dear Kafka Users,
>
> Would you consider it a good practice to expose the Kafka topic directly to
> a 3rd party application? While doing this, I need to satisfy the following:
>
> 1. I will have say 10 topics and I would need to make sure that only
> authorized parties are able to write into the Topic
>
> 2. If I use certificates (2 way trust), would this mean that when I add new
> broker nodes, I need to make sure that the new certificates are shared with
> all the 3rd parties and their certificates being installed on my new broker
> node?
>
> 3. Since I'm exposing my topic directly, a naughty 3rd party could play
> around and might eventually case a DoS attack?
>
> Thanks,
> Joe
>

Reply via email to