[
https://issues.apache.org/jira/browse/CASSANDRA-1567?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12974645#action_12974645
]
Nirmal Ranganathan commented on CASSANDRA-1567:
-----------------------------------------------
So for this I think we'll go with just all internode encryption with
AES_128/256 in an either/or situation. Either all your cluster node transfers
is encrypted or not. Based on if there's demand to have just cross DC encrypted
we can update it at that point and if users want to configure encryption
options.
> Provide configurable encryption support for internode communication
> -------------------------------------------------------------------
>
> Key: CASSANDRA-1567
> URL: https://issues.apache.org/jira/browse/CASSANDRA-1567
> Project: Cassandra
> Issue Type: New Feature
> Components: Core
> Reporter: Nirmal Ranganathan
> Assignee: Nirmal Ranganathan
> Fix For: 0.7.1
>
> Attachments: 0002-Configurable-internode-encryption-option.patch,
> 0003-Default-Key-and-Certificate-for-internode-SSL.patch
>
>
> Provide the option to encrypt internode communication. The initial thought is
> to use JSSE
> (http://download.oracle.com/javase/6/docs/technotes/guides/security/jsse/JSSERefGuide.html)
> to wrap the existing ServerSocket & Sockets. This will only be an optional
> configuration and not enabled by default. The defaults would be TLS V1, RSA
> 1024-bit keys for handshake and SSL_RSA_WITH_RC4_128_MD5 as the cipher suite.
> Although this can be made configurable if the need arises.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
