[
https://issues.apache.org/jira/browse/ZOOKEEPER-236?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15951741#comment-15951741
]
Abraham Fine commented on ZOOKEEPER-236:
----------------------------------------
Hi [~geek101]-
So I think it would be tough to table Hostname Verification as without it I
think we are left with something relatively insecure.
So if customers provide IPs alternative names can be specified as IPs so
hostname verification should still work. DNS requires a reverse lookup, but I
think that is fine if users are choosing to rely on DNS.
I uploaded a new revision with some integration style tests. I know I still
need to add tests for OCSP. The tests still require plenty of refactoring and
the timeout is way to long, but they are working. Let me know what additional
tests we should add.
Abe
> SSL Support for Atomic Broadcast protocol
> -----------------------------------------
>
> Key: ZOOKEEPER-236
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-236
> Project: ZooKeeper
> Issue Type: New Feature
> Components: quorum, server
> Reporter: Benjamin Reed
> Assignee: Abraham Fine
> Priority: Minor
>
> We should have the ability to use SSL to authenticate and encrypt the traffic
> between ZooKeeper servers. For the most part this is a very easy change. We
> would probably only want to support this for TCP based leader elections.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
