[
https://issues.apache.org/jira/browse/MAPREDUCE-4417?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13416637#comment-13416637
]
Tom White commented on MAPREDUCE-4417:
--------------------------------------
This looks good to me (although, as Alejandro mentioned, I have worked on an
earlier version of this, so someone else should review it too). A few minor
things I noticed:
* SSLFactory is in a mapreduce package, but in the common project. Just move it
to org.apache.hadoop.security.ssl?
* Mark SSLFactory.resolvePropertyName with the VisibleForTesting annotation.
* ReloadingX509TrustManager allows 'this' to escape in its constructor. Perhaps
give it a separate initialization method to start the reloader.
> add support for encrypted shuffle
> ---------------------------------
>
> Key: MAPREDUCE-4417
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-4417
> Project: Hadoop Map/Reduce
> Issue Type: New Feature
> Components: mrv2, security
> Affects Versions: 2.0.0-alpha
> Reporter: Alejandro Abdelnur
> Assignee: Alejandro Abdelnur
> Fix For: 2.1.0-alpha
>
> Attachments: MAPREDUCE-4417.patch, MAPREDUCE-4417.patch,
> MAPREDUCE-4417.patch, MAPREDUCE-4417.patch, MAPREDUCE-4417.patch,
> MAPREDUCE-4417.patch, MAPREDUCE-4417.patch
>
>
> Currently Shuffle fetches go on the clear. While Kerberos provides
> comprehensive authentication for the cluster, it does not provide
> confidentiality.
> When processing sensitive data confidentiality may be desired (at the expense
> of job performance and resources utilization for doing encryption).
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
