[
https://issues.apache.org/jira/browse/HDDS-778?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16675674#comment-16675674
]
Anu Engineer commented on HDDS-778:
-----------------------------------
[~ajayydv], [~xyao] Thanks for the review. Patch v2 addresses the review
comments. Please see below for the details.
bq. Line 96: SELF_SIGNED_CA should we rename this to ROOT_CA?
I have left it as-is, since Root CA can be root like this Self-Signed CA or
intermediary roots. So I feel that Self-Signed is more explicit.
bq. Line 90: need some clarification of the usage of signDataStream() and
verifySignature.
A very good catch, I have fixed this issue in this new patch.
> Add an interface for CA and Clients for Certificate operations
> --------------------------------------------------------------
>
> Key: HDDS-778
> URL: https://issues.apache.org/jira/browse/HDDS-778
> Project: Hadoop Distributed Data Store
> Issue Type: Sub-task
> Components: SCM, SCM Client
> Reporter: Anu Engineer
> Assignee: Anu Engineer
> Priority: Major
> Attachments: HDDS-778-HDDS-04.002.patch, HDDS-778-HDDS-4.001.patch
>
>
> This JIRA proposes to add an interface specification that can be programmed
> against by Datanodes and Ozone Manager and other clients that want to use the
> certificate-based security features of HDDS.
> We will also add a Certificate Server interface, this interface can be used
> to use non-SCM based CA or if we need to use HSM based secret storage
> services.
> At this point, it is simply an interface and nothing more. Thanks to [~xyao]
> for suggesting this idea.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
