fapifta commented on PR #6802: URL: https://github.com/apache/ozone/pull/6802#issuecomment-2161024288
Hi @ChenSammi please refer to #6685 for the detailed design. The basic idea is to have all the crypto related code in a pluggable form, with the current implementation as the default, and allow any implementor to add an implementation that complies with the rules of a particular jurisdiction. The Apache Ozone project is not really something we are intend to certify for any jurisdiction, but we want to provide an easy way to create a compliant version of Apache Ozone with the least code added as a plugin. BouncyCastle is non-compliant in at least one jurisdiction, so an implementor may or may not need to re-implement BouncyCastle dependent code. This PR aims to restrict the amount of code/functionality that directly depends on BouncyCastle and use standard Java implementations instead that relies on JCA/JCE with that BouncyCastle remains usable in the default implementation and it can be replaced for jurisdictions where it is non-compliant. It is also a goal to do not change the default behavior and public API of Ozone, nor any of its protocols in any incompatible way. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
