Todd Lipcon has posted comments on this change. Change subject: [security] adjust TLS certificate verification ......................................................................
Patch Set 2: Code-Review+2 (1 comment) http://gerrit.cloudera.org:8080/#/c/5865/2//COMMIT_MSG Commit Message: Line 14: future selectively when we add support for client certs. added Impala KRPC people to this review in case they have opinions on this. I'm not sure in the Impala context if they are completely disabling Kerberos for internal RPC and relying on SSL client certs, or if they are using Kerberos + TLS (in which case they shouldn't need client certs to be set at all, by the same logic we have). In fact they could pretty easily move to self-signed certs if they take a new snapshot. -- To view, visit http://gerrit.cloudera.org:8080/5865 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: Id3b1698ccd8434b8d40d567e9d0fa506e4cdc0ca Gerrit-PatchSet: 2 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Dan Burkert <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Henry Robinson <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Sailesh Mukil <[email protected]> Gerrit-Reviewer: Tidy Bot Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-HasComments: Yes
