milleruntime commented on pull request #1834: URL: https://github.com/apache/accumulo/pull/1834#issuecomment-744586501
While this is change contains multiple enhancements to the cryptography in the code, I feel like this is a regression in the maintainability. Why not keep the cryptography constants in Constants.java as a pointer to the other parts of the code? If someone wanted to see how we use the different algorithms, before they could search on those constants. Now the encryption is scattered across vastly different and obscure parts of the code (KeyExtent, VisMetricsGatherer, SystemCredentials and ZkSecurityTool). If they know to search for the string "SHA-256" they may be able to find these different pieces but as the different constants change (possibly independently) over time, this code will become even more difficult to maintain. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
