[
https://issues.apache.org/jira/browse/CASSANDRA-18624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17744096#comment-17744096
]
Stefan Miklosovic edited comment on CASSANDRA-18624 at 7/18/23 8:22 AM:
------------------------------------------------------------------------
I made another round of the review, added bunch of comments again.
I want to highlight that the patch introduces this dependency:
https://github.com/apache/cassandra/pull/2490/files#r1266346053
There are two releases for this dependency, x86 and aarch. Here we depend on
x86 only. What if a user is running Cassandra on ARM? How does this work in
that case? Do we need to somehow differentiate or are we going to ship it for
x86 only? Should not we default to in-built crypto provider instead and forcing
a user to specifically enable this crypto provider if he is on x86?
What I think should happen here is that there should be NoOpProvider which just
does nothing so the default one in jvm is used and x86 jar in the distribution
in libs and one has to explicitly turn it on. That way one avoids the situation
when it is turned on by default and it is run on arm. If you want arm, you need
to download that arm jar specifically, throw away x86 and configure it in yaml.
was (Author: smiklosovic):
I made another round of the review, added bunch of comments again.
I want to highlight that the patch introduces this dependency:
https://github.com/apache/cassandra/pull/2490/files#r1266346053
There are two releases for this dependency, x86 and aarch. Here we depend on
x86 only. What if a user is running Cassandra on ARM? How does this work in
that case? Do we need to somehow differentiate or are we going to ship it for
x86 only? Should not we default to in-built crypto provider instead and forcing
a user to specifically enable this crypto provider if he is on x86?
What i think should happen here is that there should be NoOpProvider which just
does nothing so the default one in jvm is used and x86 jar in the distribution
in libs and one has to explicitly turn it on. That way one avoids the situation
when it is turned on by default and it is run on arm. If you want arm, you need
to download that arm jar specifically, throw away x86 and configure it in yaml.
> Make Corretto Crypto Provider the Default
> -----------------------------------------
>
> Key: CASSANDRA-18624
> URL: https://issues.apache.org/jira/browse/CASSANDRA-18624
> Project: Cassandra
> Issue Type: Improvement
> Components: Dependencies
> Reporter: Jordan West
> Assignee: Ayushi Singh
> Priority: Normal
> Attachments: image.png
>
> Time Spent: 8h 20m
> Remaining Estimate: 0h
>
> [Amazon Corretto Crypto Provider|
> https://github.com/corretto/amazon-corretto-crypto-provider] is an
> alternative provider of TLS and cryptographic functions that has significant
> performance benefits for Cassandra. It is Apache 2.0 licensed and has been
> deployed in several existing large fleets.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
