Alexey Serbin has posted comments on this change. Change subject: [security] tailored TokenSigner for system catalog ......................................................................
Patch Set 7: > > Good observation. As I understand, AuthnTokenManager was modeled > to run along with MasterCertAuthority. Besides aggregating > TokenSigner, it has just one additional perk of combining the code > which outputs signed Token. We can safely move that code into the > TokenSigner itself. I'm not aware of future plans to add some > extra functionality into the AuthTokenManager. > > > The reason to have it separate is that we'll sooner or later have > Authz tokens as well, which can reuse the same TokenSigner code, > but will probably have significantly different logic for what > material goes into the token. I'm not sure whether we'd want to > have different TSKs for authz vs authn -- it's probable that the > tokens would have a shorter lifetime, but not sure if the TSKs > should have different rotation periods, etc. Anyway, separating > them also makes the code more reusable and testable IMO. Sounds good to me. We discussed that with Dan over the Slack channel and I was going to make AuthnTokenManager aggregating TokenVerifier as well, keeping track of sequence numbers when importing public parts of keys from the system table (so, keeping the public TSK parts in TokenVerifier only). However, after discussion of lock-related issues of the subsequent patch I'll change that a little bit different. -- To view, visit http://gerrit.cloudera.org:8080/5930 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: Ie2417e2ccba6a1114db366b2f642f95362bf479c Gerrit-PatchSet: 7 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Alexey Serbin <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Dan Burkert <[email protected]> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Tidy Bot Gerrit-Reviewer: Todd Lipcon <[email protected]> Gerrit-HasComments: No
