[
https://issues.apache.org/jira/browse/MESOS-910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13891078#comment-13891078
]
Niklas Quarfot Nielsen commented on MESOS-910:
----------------------------------------------
How about keeping the current HTTP handling, creating an SSL/TLS (and plain)
connection abstraction in stout (built on openssl) and create a new
HttpsConnection SocketProcess in libprocess?
This change will probably result in many subsequent patches, but would be one
way to go. All instances of socket calls would need to be updated.
> Add encryption support for master/slave/framework channels
> ----------------------------------------------------------
>
> Key: MESOS-910
> URL: https://issues.apache.org/jira/browse/MESOS-910
> Project: Mesos
> Issue Type: Story
> Components: general, libprocess
> Reporter: Adam B
> Labels: encryption, security
>
> Currently all the messages that flow through the Mesos cluster are
> unencrypted making it possible for intruders to intercept and potentially
> control your task. We plan to add encryption support by adding SSL/TLS
> support to libprocess, the low-level communication library that Mesos uses
> for all network communication between Mesos components.
> As a first step, we should replace the hand-coded http code in libprocess
> with a standard library, ensuring that any mesos custom code like routing
> remains. Then, transition to https should be easier.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
