[
https://issues.apache.org/jira/browse/ZOOKEEPER-1045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15098287#comment-15098287
]
Ivan Kelly commented on ZOOKEEPER-1045:
---------------------------------------
{quote}Two concerns that I have are , is it architecturally ok to enforce ZK to
talk to an external server(perhaps on regular intervals) to form a quorum and
if that is ok then is this the most widely used/requested feature by
users.{quote}
The patch already supports DIGEST-MD5, so Krb isn't required to have auth.
Encryption of the links is a separate concern, and shouldn't be done as part of
this change. There's already a JIRA for it (ZOOKEEPER-1000).
> Quorum Peer mutual authentication
> ---------------------------------
>
> Key: ZOOKEEPER-1045
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-1045
> Project: ZooKeeper
> Issue Type: New Feature
> Components: server
> Reporter: Eugene Koontz
> Assignee: Rakesh R
> Attachments: ZOOKEEPER-1045-00.patch, ZOOKEEPER-1045-Rolling Upgrade
> Design Proposal.pdf
>
>
> ZOOKEEPER-938 addresses mutual authentication between clients and servers.
> This bug, on the other hand, is for authentication among quorum peers.
> Hopefully much of the work done on SASL integration with Zookeeper for
> ZOOKEEPER-938 can be used as a foundation for this enhancement.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
