dombizita commented on code in PR #6538:
URL: https://github.com/apache/ozone/pull/6538#discussion_r1574895107
##########
hadoop-hdds/common/src/main/resources/ozone-default.xml:
##########
@@ -2238,17 +2238,35 @@
<property>
<name>hdds.key.len</name>
<value>2048</value>
- <tag>SCM, HDDS, X509, SECURITY</tag>
+ <tag>SCM, HDDS, X509, SECURITY, CRYPTO_COMPLIANCE</tag>
+ <description>
+ SCM CA key length. This is an algorithm-specific metric, such as modulus
+ length, specified in number of bits.
+ </description>
+ </property>
+ <property>
+ <name>hdds.key.algo</name>
+ <value>RSA</value>
+ <tag>SCM, HDDS, X509, SECURITY, CRYPTO_COMPLIANCE</tag>
+ <description>
+ SCM CA key algorithm.
+ </description>
+ </property>
+ <property>
+ <name>hdds.security.provider</name>
+ <value>BC</value>
+ <tag>OZONE, HDDS, X509, SECURITY, CRYPTO_COMPLIANCE</tag>
<description>
- SCM CA key length. This is an algorithm-specific metric, such as
modulus length, specified in number of bits.
+ The main security provider used for various cryptographic algorithms.
</description>
</property>
Review Comment:
Could you highlight in the PR description that you also expose already
existing configs to the ozone-default.xml with this patch? I'll do some other
already existing config addition to the ozone-default.xml (with the
`CRYPTO_COMPLIANCE` tag) in
[HDDS-10732](https://issues.apache.org/jira/browse/HDDS-10732).
##########
hadoop-hdds/common/src/main/resources/ozone-default.xml:
##########
@@ -2238,17 +2238,35 @@
<property>
<name>hdds.key.len</name>
<value>2048</value>
- <tag>SCM, HDDS, X509, SECURITY</tag>
+ <tag>SCM, HDDS, X509, SECURITY, CRYPTO_COMPLIANCE</tag>
+ <description>
+ SCM CA key length. This is an algorithm-specific metric, such as modulus
+ length, specified in number of bits.
+ </description>
+ </property>
+ <property>
+ <name>hdds.key.algo</name>
+ <value>RSA</value>
+ <tag>SCM, HDDS, X509, SECURITY, CRYPTO_COMPLIANCE</tag>
+ <description>
+ SCM CA key algorithm.
+ </description>
+ </property>
+ <property>
+ <name>hdds.security.provider</name>
+ <value>BC</value>
+ <tag>OZONE, HDDS, X509, SECURITY, CRYPTO_COMPLIANCE</tag>
<description>
- SCM CA key length. This is an algorithm-specific metric, such as
modulus length, specified in number of bits.
+ The main security provider used for various cryptographic algorithms.
</description>
</property>
<property>
<name>hdds.key.dir.name</name>
<value>keys</value>
<tag>SCM, HDDS, X509, SECURITY</tag>
<description>
- Directory to store public/private key for SCM CA. This is relative to
ozone/hdds meteadata dir.
+ Directory to store public/private key for SCM CA. This is relative to
+ ozone/hdds meteadata dir.
Review Comment:
Could you remove this? I don't this it is related to this change, you only
broke the line into two lines.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
