ctubbsii edited a comment on pull request #1968: URL: https://github.com/apache/accumulo/pull/1968#issuecomment-805262080
> > @ctubbsii let me know what you think of the changes in [82dd8a5] I still prefer the idea of keeping the crypto stuff contained in a single module. Something like: ```properties instance.crypto.service=com.example.crypto.service.ExampleCryptoService instance.crypto.opts.wal.SOMEKEY=SOMEVALUE instance.crypto.opts.table.t1.SOMEKEY=SOMEVALUE instance.crypto.opts.table.t2.SOMEKEY=SOMEVALUE ``` or (depending on implementation): ```properties instance.crypto.service=com.example.crypto.service.ExampleCryptoService instance.crypto.opts.wal.SOMEKEY=SOMEVALUE ; a per-table setting that works because the crypto service is a factory for encryptor/decryptor ; that is capable of making decisions based on per-table config table.crypto.opts.SOMETABLEOPT=SOMEVALUE ``` With both of these, the main point is that there is only ever a single crypto service for the system. However, the functionality of that service is capable of providing crypto services for multiple tables and/or the WAL. Your change just relocates the implementation into inner classes, but they are still effectively separate classes that are configured separately, meaning separate authorities for managing the file-based crypto. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
