Hi Jonathan, I think it would make sense to convert the config in this KIP into an enum so that we can add more variations later on. But since KIP-302 is still under discussion, it is not clear what the config name should be. Since today is the KIP deadline and the implementation itself is straightforward, it would make sense to progress with this one for 2.0.0 if we can get one more binding vote.
Ismael, do you have time to take a look at KIP-235 today? Thanks, Rajini On Tue, May 22, 2018 at 3:45 PM, Skrzypek, Jonathan < jonathan.skrzy...@gs.com> wrote: > Hello Rajini, > > What do you think should be the next step here ? > > > Jonathan Skrzypek > > -----Original Message----- > From: Skrzypek, Jonathan [Tech] > Sent: 21 May 2018 10:51 > To: 'dev' > Subject: RE: [VOTE] KIP-235 Add DNS alias support for secured connection > > Hi, > > What would be the next step here ? > I know there's a discussion going on around KIP-302, but I'm also > conscious that the 2.0.0 deadline for KIPs is tomorrow. > I've opened this KIP in January and discussions have been productive with > an end solution I had the impression was reasonable, so I am keen to see it > make it the next release. > > > Jonathan Skrzypek > > -----Original Message----- > From: Skrzypek, Jonathan [Tech] > Sent: 14 May 2018 13:48 > To: dev > Subject: RE: [VOTE] KIP-235 Add DNS alias support for secured connection > > Sure, I modified the KIP to add more details > > https://cwiki.apache.org/confluence/display/KAFKA/KIP-235%3A > +Add+DNS+alias+support+for+secured+connection > > > Jonathan Skrzypek > > > -----Original Message----- > From: Ismael Juma [mailto:ism...@juma.me.uk] > Sent: 14 May 2018 11:53 > To: dev > Subject: Re: [VOTE] KIP-235 Add DNS alias support for secured connection > > Thanks for the KIP, Jonathan. It would be helpful to have more detail on > how SSL authentication could be broken if the new behaviour is the default. > I know this was discussed in the mailing list thread, but it's important to > include it in the KIP since it's the main reason why a new config is needed > (and configs should be avoided whenever we can just do the right thing). > > Ismael > > On Fri, Mar 23, 2018 at 12:05 PM Skrzypek, Jonathan < > jonathan.skrzy...@gs.com> wrote: > > > Hi, > > > > I would like to start a vote for KIP-235 > > > > > > https://urldefense.proofpoint.com/v2/url?u=https-3A__cwiki.a > pache.org_confluence_display_KAFKA_KIP-2D235-253A-2BAdd-2BDN > S-2Balias-2Bsupport-2Bfor-2Bsecured-2Bconnection&d=DwIBaQ&c= > 7563p3e2zaQw0AB1wrFVgyagb2IE5rTZOYPxLxfZlX4&r=nNmJlu1rR_QFAP > dxGlafmDu9_r6eaCbPOM0NM1EHo-E&m=FM_uCHnnO2dqxWC0bi7_QOJKfKmQ > I80-Xduvb-URWOw&s=RpGkijfK-WHcU0s8ZtMXEkIr69QraJhYKaGSC9V_rnI&e= > > > > This is a proposition to add an option for reverse dns lookup of > > bootstrap.servers hosts, allowing the use of dns aliases on clusters > using > > SASL authentication. > > > > > > > > > > ________________________________ > > Your Personal Data: We may collect and process information about you that > may be subject to data protection laws. For more information about how we > use and disclose your personal data, how we protect your information, our > legal basis to use your information, your rights and who you can contact, > please refer to: www.gs.com/privacy-notices<htt > p://www.gs.com/privacy-notices> >
