Todd Lipcon has posted comments on this change. Change subject: [security] interface for certificate signing service ......................................................................
Patch Set 3: This seems pretty reasonable, but I'm not sure whether this makes sense as a standalone RPC service. In the real application, I'd guess that the tserver would just want to piggy-back the CSR with its "Register" RPC that it already sends to MasterService. And fetching the CAs would be piggy-backed on the client asking for an authentication token, etc. That said, I think the protobufs for the CSRs, errors, etc, are reasonable, and might be handy, but I think we should hold off comitting the service part until we figure out how it's actually integrated? -- To view, visit http://gerrit.cloudera.org:8080/5673 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: I9ff31e56be42bfa8d0f9b908ba2ccd2734407f55 Gerrit-PatchSet: 3 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Mike Percy <[email protected]> Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-HasComments: No
