Alexey Serbin has posted comments on this change. ( http://gerrit.cloudera.org:8080/19617 )
Change subject: KUDU-3448 Add support for encrypting TSKs ...................................................................... Patch Set 8: (1 comment) http://gerrit.cloudera.org:8080/#/c/19617/8//COMMIT_MSG Commit Message: http://gerrit.cloudera.org:8080/#/c/19617/8//COMMIT_MSG@19 PS8, Line 19: t must be set to : a command that outputs the same password as on initialization, and vice : versa, it must not be provided on later master startups if it wasn't : provided on initialization. How does the condition of turning encryption on/off for TSK keys manifest itself? I guess existing TSK keys would fail to load, right? Assuming that people would rather not recreate their cluster just to enable storing TSK keys encrypted, do you think it makes sense to automate the transition when turning on encryption for TSK keys. For example, we could try try to load existing keys as encrypted, but in case of error try to load them as unencrypted, or maybe check whether the key is in PKC8 format or not when trying to read it. -- To view, visit http://gerrit.cloudera.org:8080/19617 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-Project: kudu Gerrit-Branch: master Gerrit-MessageType: comment Gerrit-Change-Id: Id8d770de7ed824cfc725003bbe77f1e42629029b Gerrit-Change-Number: 19617 Gerrit-PatchSet: 8 Gerrit-Owner: Attila Bukor <[email protected]> Gerrit-Reviewer: Abhishek Chennaka <[email protected]> Gerrit-Reviewer: Alexey Serbin <[email protected]> Gerrit-Reviewer: Ashwani Raina <[email protected]> Gerrit-Reviewer: Attila Bukor <[email protected]> Gerrit-Reviewer: Kudu Jenkins (120) Gerrit-Reviewer: Mahesh Reddy <[email protected]> Gerrit-Reviewer: Marton Greber <[email protected]> Gerrit-Reviewer: Zoltan Chovan <[email protected]> Gerrit-Reviewer: Ádám Bakai <[email protected]> Gerrit-Comment-Date: Thu, 25 May 2023 15:30:22 +0000 Gerrit-HasComments: Yes
