[
https://issues.apache.org/jira/browse/HADOOP-10141?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13841714#comment-13841714
]
Hadoop QA commented on HADOOP-10141:
------------------------------------
{color:green}+1 overall{color}. Here are the results of testing the latest
attachment
http://issues.apache.org/jira/secure/attachment/12617456/hadoop-10141.patch
against trunk revision .
{color:green}+1 @author{color}. The patch does not contain any @author
tags.
{color:green}+1 tests included{color}. The patch appears to include 2 new
or modified test files.
{color:green}+1 javac{color}. The applied patch does not increase the
total number of javac compiler warnings.
{color:green}+1 javadoc{color}. The javadoc tool did not generate any
warning messages.
{color:green}+1 eclipse:eclipse{color}. The patch built with
eclipse:eclipse.
{color:green}+1 findbugs{color}. The patch does not introduce any new
Findbugs (version 1.3.9) warnings.
{color:green}+1 release audit{color}. The applied patch does not increase
the total number of release audit warnings.
{color:green}+1 core tests{color}. The patch passed unit tests in
hadoop-common-project/hadoop-common.
{color:green}+1 contrib tests{color}. The patch passed contrib unit tests.
Test results:
https://builds.apache.org/job/PreCommit-HADOOP-Build/3344//testReport/
Console output:
https://builds.apache.org/job/PreCommit-HADOOP-Build/3344//console
This message is automatically generated.
> Create an API to separate encryption key storage from applications
> ------------------------------------------------------------------
>
> Key: HADOOP-10141
> URL: https://issues.apache.org/jira/browse/HADOOP-10141
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Owen O'Malley
> Assignee: Owen O'Malley
> Attachments: hadoop-10141.patch, hadoop-10141.patch,
> hadoop-10141.patch
>
>
> As with the filesystem API, we need to provide a generic mechanism to support
> multiple key storage mechanisms that are potentially from third parties.
> An additional requirement for long term data lakes is to keep multiple
> versions of each key so that keys can be rolled periodically without
> requiring the entire data set to be re-written. Rolling keys provides
> containment in the event of keys being leaked.
> Toward that end, I propose an API that is configured using a list of URLs of
> KeyProviders. The implementation will look for implementations using the
> ServiceLoader interface and thus support third party libraries.
> Two providers will be included in this patch. One using the credentials cache
> in MapReduce jobs and the other using Java KeyStores from either HDFS or
> local file system.
--
This message was sent by Atlassian JIRA
(v6.1#6144)
