[
https://issues.apache.org/jira/browse/HDFS-5910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13946974#comment-13946974
]
Benoy Antony commented on HDFS-5910:
------------------------------------
BTW, I'll open a new jira to refactor the code so that for
getDataEncryptionKey() is invoked only after determining that channel with peer
cannot be trusted.
> Enhance DataTransferProtocol to allow per-connection choice of
> encryption/plain-text
> ------------------------------------------------------------------------------------
>
> Key: HDFS-5910
> URL: https://issues.apache.org/jira/browse/HDFS-5910
> Project: Hadoop HDFS
> Issue Type: Improvement
> Components: security
> Affects Versions: 2.2.0
> Reporter: Benoy Antony
> Assignee: Benoy Antony
> Attachments: HDFS-5910.patch, HDFS-5910.patch, HDFS-5910.patch,
> HDFS-5910.patch
>
>
> It is possible to enable encryption of DataTransferProtocol.
> In some use cases, it is required to encrypt data transfer with some clients
> , but communicate in plain text with some other clients and data nodes.
> A sample use case will be that any data transfer inside a firewall can be in
> plain text whereas any data transfer from clients outside the firewall needs
> to be encrypted.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
