kartheek muthyala created HADOOP-13836:
------------------------------------------
Summary: Securing Hadoop RPC using SSL
Key: HADOOP-13836
URL: https://issues.apache.org/jira/browse/HADOOP-13836
Project: Hadoop Common
Issue Type: New Feature
Components: ipc
Reporter: kartheek muthyala
Today, RPC connections in Hadoop are encrypted using Simple Authentication &
Security Layer (SASL), with the Kerberos ticket based authentication or
Digest-md5 checksum based authentication protocols. This proposal is about
enhancing this cipher suite with SSL/TLS based encryption and authentication.
SSL/TLS is a proposed Internet Engineering Task Force (IETF) standard, that
provides data security and integrity across two different end points in a
network. This protocol has made its way to a number of applications such as web
browsing, email, internet faxing, messaging, VOIP etc. And supporting this
cipher suite at the core of Hadoop would give a good synergy with the
applications on top and also bolster industry adoption of Hadoop.
The Server and Client code in Hadoop IPC should support the following modes of
communication
1. Plain
2. Secure
a. SASL encryption with an underlying authentication
b. New Proposed: SSL based encryption and authentication (x509 certificate)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
