[jira] [Updated] (STORM-4070) mTls support

Mon, 12 Aug 2024 13:44:04 -0700 


     [ 
https://issues.apache.org/jira/browse/STORM-4070?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Purshotam Shah updated STORM-4070:
----------------------------------
    Description: 
Currenly, *SASL* (Simple Authentication and Security Layer) and *Kerberos* are 
widely used for authentication. However, a more modern and increasingly popular 
method is *mTLS* (Mutual Transport Layer Security).

*mTLS* leverages SSL/TLS certificates for authentication and encryption, 
ensuring that both the client and server can verify each other's identities. 
This dual verification process provides an additional security layer compared 
to traditional methods.

For organizations already using trusted certificates within their 
infrastructure, integrating mTLS can be more straightforward. It allows them to 
use the existing certificate management systems, reducing the need for separate 
authentication setups.

In cloud environments, *mTLS* is often the preferred choice for securing 
communications. By addressing both encryption and authentication in a single 
solution, mTLS simplifies the configuration process while enhancing overall 
security.

> mTls support
> ------------
>
>                 Key: STORM-4070
>                 URL: https://issues.apache.org/jira/browse/STORM-4070
>             Project: Apache Storm
>          Issue Type: New Feature
>            Reporter: Purshotam Shah
>            Priority: Major
>
> Currenly, *SASL* (Simple Authentication and Security Layer) and *Kerberos* 
> are widely used for authentication. However, a more modern and increasingly 
> popular method is *mTLS* (Mutual Transport Layer Security).
> *mTLS* leverages SSL/TLS certificates for authentication and encryption, 
> ensuring that both the client and server can verify each other's identities. 
> This dual verification process provides an additional security layer compared 
> to traditional methods.
> For organizations already using trusted certificates within their 
> infrastructure, integrating mTLS can be more straightforward. It allows them 
> to use the existing certificate management systems, reducing the need for 
> separate authentication setups.
> In cloud environments, *mTLS* is often the preferred choice for securing 
> communications. By addressing both encryption and authentication in a single 
> solution, mTLS simplifies the configuration process while enhancing overall 
> security.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to