There seems to be a bit of detail lacking in the KIP. Specifically, I'd like to understand:
1) What znodes are the brokers going to secure? Is this configurable? How? 2) What ACL is the broker going to apply? Is this configurable? 3) How will the admin tools (such as preferred replica election and partition reassignment) interact with this? -Todd On Wed, Oct 21, 2015 at 9:16 AM, Ismael Juma <ism...@juma.me.uk> wrote: > On Wed, Oct 21, 2015 at 5:04 PM, Flavio Junqueira <f...@apache.org> wrote: > > > Bringing the points Grant brought to this thread: > > > > > Is it worth mentioning the follow up steps that were discussed in the > KIP > > > call in this KIP document? Some of them were: > > > > > > - Adding SSL support for Zookeeper > > > - Removing the "world readable" assumption > > > > > > > Grant, how would you do it? I see three options: > > > > 1- Add to the existing KIP, but then the functionality we should be > > checking in soon won't include it, so the KIP will remain incomplete > > > > A "Future work" section would make sense to me, but I don't know how this > is normally handled. > > Ismael >
