[
https://issues.apache.org/jira/browse/HDFS-6391?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14039524#comment-14039524
]
Andrew Wang commented on HDFS-6391:
-----------------------------------
Ah, so the client would just initially only send the CipherTypes it'd be okay
with. I was thinking it was better to let the client choose it's best
CipherType (more flexible, since it's per-user rather than global setting), but
this works too. The client can also always probe one-by-one if it really wants
to choose.
> Get the Key/IV from the NameNode for encrypted files in DFSClient
> -----------------------------------------------------------------
>
> Key: HDFS-6391
> URL: https://issues.apache.org/jira/browse/HDFS-6391
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: namenode, security
> Reporter: Alejandro Abdelnur
> Assignee: Andrew Wang
> Attachments: HDFS-6391.1.patch
>
>
> When creating/opening and encrypted file, the DFSClient should get the
> encryption key material and the IV for the file in the create/open RPC call.
> HDFS admin users would never get key material/IV on encrypted files
> create/open.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
