[jira] [Commented] (SPARK-36988) What ciphers spark support for internode communication?

Wed, 13 Oct 2021 19:09:07 -0700 


    [ 
https://issues.apache.org/jira/browse/SPARK-36988?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17428564#comment-17428564
 ] 

Hyukjin Kwon commented on SPARK-36988:
--------------------------------------

For questions, let's interact with Spark mailing list instead of filing an 
issue as a JIRA. You would be able to have a better answer there.

> What ciphers spark support for internode communication?
> -------------------------------------------------------
>
>                 Key: SPARK-36988
>                 URL: https://issues.apache.org/jira/browse/SPARK-36988
>             Project: Spark
>          Issue Type: Question
>          Components: Security
>    Affects Versions: 3.1.2
>            Reporter: zoli
>            Priority: Minor
>
> {{Spark documentation mentions this:}}
>  {{[https://spark.apache.org/docs/3.0.0/security.html]}}
> {code:java}
> spark.network.crypto.config.*
> "Configuration values for the commons-crypto library, such as which cipher 
> implementations to use. The config name should be the name of commons-crypto 
> configuration without the commons.crypto prefix."{code}
> {{What this means?}}
>  {{If I leave it to None what will happen? There won't be any encryption used 
> or will it fallback to some default one?}}
>  {{The common-crypto mentions that it uses JCE or OPENSSL implementations, 
> but says nothing about the ciphers.}}
>  {{Does it support everything the given JVM does?}}
> {{The documentation is vague on this.}}
> {{However the spark ui part for the security is clear:}}
> {code:java}
> ${ns}.enabledAlgorithms
> A comma-separated list of ciphers. The specified ciphers must be supported by 
> JVM. The reference list of protocols can be found in the "JSSE Cipher Suite 
> Names" section of the Java security guide. The list for Java 8 can be found 
> at this page. Note: If not set, the default cipher suite for the JRE will be 
> used.{code}
> {{ }}
>  {{So what will happen if I leave spark.network.crypto.config.* to None?}}
>  {{And what ciphers are supported?}}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to