[
https://issues.apache.org/jira/browse/HDFS-6605?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14046386#comment-14046386
]
Andrew Wang commented on HDFS-6605:
-----------------------------------
There was some discussion on HDFS-6391 with [~michaelbyoder] about this, I
think I'll try the approach outlined there: the client presents the cipher
suites it wants to use in priority order and the server chooses. This should
also let us later evolve the protocol if desired.
> Client server negotiation of cipher suite
> -----------------------------------------
>
> Key: HDFS-6605
> URL: https://issues.apache.org/jira/browse/HDFS-6605
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: security
> Affects Versions: fs-encryption (HADOOP-10150 and HDFS-6134)
> Reporter: Andrew Wang
> Assignee: Andrew Wang
>
> For compatibility purposes, the client and server should negotiate what
> cipher suite to use based on their respective capabilities. This is also a
> way for the server to reject old clients that do not support encryption.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
