Hi Joe,
I am interested in joining the efforts. I went through apache
storm security with kerberos so I can bring some of that
experience into the discussion.
Thanks,
Harsha
On Tue, Sep 16, 2014, at 10:37 AM, Joe Stein wrote:
> Hi Andrew, yes the meeting took place and we plan to-do it every two
> weeks
> (same bat time, same bat channel) moving forward.
>
> In attendance was Michael Herstine (LinkedIn), Arvind Mani (LinkedIn),
> Gwen
> Shapira (Cloudera) and myself.
>
> Gwen updated the wiki after our discussion. Basically we are thinking of
> using 3 ports one for plain text (so like it is now), one for SASL
> (implementing username/password and kerberos at least) and one for SSL
> and
> they will all be configurable on/off. Some investigation is going on now
> to see about how we can do this without making any wire protocol changes
> (ideal) or minimal changes at least.
>
> Let me know and I can add you to the invite if you would like to
> contribute
> the more help and input the better for sure.
>
> Also in regards to KAFKA-1477 I just asked Ivan to update the patch to
> latest trunk and we could (demand required) make a patch that works with
> 0.8.1.X too for folks to use... This doesn't work yet with the new
> producer
> (TBD) or any other clients so be aware it is not yet baked in and from
> release project perspective I don't know what in that patch will survive
> (hopefully all of it).
>
> /*******************************************
> Joe Stein
> Founder, Principal Consultant
> Big Data Open Source Security LLC
> http://www.stealth.ly
> Twitter: @allthingshadoop <http://www.twitter.com/allthingshadoop>
> ********************************************/
>
> On Tue, Sep 16, 2014 at 10:17 AM, Andrew Psaltis
> <psaltis.and...@gmail.com>
> wrote:
>
> > Hi,
> > I was just reading the recent changes to:
> > https://cwiki.apache.org/confluence/display/KAFKA/Security after getting
> > off a call about Kafka security and how we are jumping through hoops --
> > like having PGP keys on the consumers and producers to get around the lack
> > of SSL support. Did the meeting that Joe proposed happen for Sept 9th
> > happen? If not is there a plan to have it? I was also looking at:
> > https://issues.apache.org/jira/browse/KAFKA-1477 and it seems like there
> > have been no comments since 11/08/2014. I would be interested in helping
> > with the TLS/SSL support as we have a need for it now.
> >
> > Thanks,
> > Andrew
> >
