I think the motivation of the KIP is to configure which API we want to allow for a broker. This is challenging for a hosted service where you have customers with different versions of clients. It's not just about down conversion but for example transactions, there is a case where we do not want to allow users to start using transactions and there is no way to disable to this right now and as specified in the KIP, having a lock on which client versions we support. Authorizer's original purpose is to allow policies to be enforced for each of the Kafka APIs, specifically in the context of security. Extending this to a general purpose gatekeeper might not be suitable and as mentioned in the thread every implementation of authorizer needs to re-implement to provide the same set of functionality. I think it's better to add an implementation which will use a broker's dynamic config as mentioned in approach 1.
Thanks, Harsha On Sat, Feb 23, 2019, at 6:21 AM, Ismael Juma wrote: > Thanks for the KIP. Have we considered the existing topic config that makes > it possible to disallow down conversions? That's the biggest downside in > allowing older clients. > > Ismael > > On Fri, Feb 22, 2019, 2:11 PM Ying Zheng <yi...@uber.com.invalid> wrote: > > > > > >
