Upgrade ElasticSearch version

Please update the ElasticSearch version to 2.3.4 in the next commit or PR. Thanks.

Re: Trust Model for Pirk

This approach works for me. I’ll echo Tim’s earlier suggestion that we work towards eliminating (or at least reducing) our use of serialized Java objects as soon as we can. That way we don’t have the sort of remote code execution concerns that serialization entails. This would bring the level

Trust Model for Pirk

Hi Guys, There has been a lot of good discussion lately about signing Pirk objects, validating, etc in another thread. I would like for us to step back and consider the trust model for Pirk. Pirk is an application that runs within a user's system to provide the ability to (1) generate a secure

[GitHub] incubator-pirk pull request #25: [PIRK-25] Additional comments and tidy-up.

Github user asfgit closed the pull request at: https://github.com/apache/incubator-pirk/pull/25 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature

[GitHub] incubator-pirk issue #25: [PIRK-25] Additional comments and tidy-up.

Github user ellisonanne commented on the issue: https://github.com/apache/incubator-pirk/pull/25 +1 I will also update the javadocs and push to the website as these commits include javadoc mods --- If your project is set up for it, you can reply to this email and have your

Re: Authenticating serialized data for safety and peace of mind

Comments inline: On Sun, Jul 24, 2016 at 10:22 AM, Tim Ellison wrote: > On 24/07/16 14:51, Ellison Anne Williams wrote: > > I agree that we don't necessarily want to tie dictate PGP forever, but I > > think that it's fine for an initial pass. We can always expand as long

Re: RTC/CTR Discussion

For sure. Code can always evolve and if a commit happens that needs some refinement all is fine. In essence ctr is always available. For us adopting RTC it means, in my opinion, that you should obtain an independent opinion that it is good to go. As new folks contribute it stokes engagement

Re: RTC/CTR Discussion

This was raised on a recent PR commit; bringing it here for discussion: It's my understanding the members of the PMC (Tim, Suneel, etc) are also committers and able to perform a review in a RTC scenario. Thoughts? On Fri, Jul 22, 2016 at 10:05 PM, Josh Elser wrote: > I

[GitHub] incubator-pirk issue #23: [PIRK-17] - Add Ability to Embed QuerySchema in Qu...

Github user ellisonanne commented on the issue: https://github.com/apache/incubator-pirk/pull/23 It was my understanding the members of the PMC (you, Suneel, etc) are also committers and able to perform a review in a RTC scenario. Suneel commented " LGTM +1. Ship it!" before it was

Re: Authenticating serialized data for safety and peace of mind

On 24/07/16 14:51, Ellison Anne Williams wrote: > I agree that we don't necessarily want to tie dictate PGP forever, but I > think that it's fine for an initial pass. We can always expand as long as > we provide a good framework to do so. > > As to: > > "I guess the next level is to determine

[GitHub] incubator-pirk issue #25: [PIRK-25] Additional comments and tidy-up.

Github user smarthi commented on the issue: https://github.com/apache/incubator-pirk/pull/25 LGTM +1 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if

[GitHub] incubator-pirk issue #24: PIRK-26: Make Enum MRStats a top level class

Github user ellisonanne commented on the issue: https://github.com/apache/incubator-pirk/pull/24 +1 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if

Re: Authenticating serialized data for safety and peace of mind

+1 When you've integrated with the new serialization code, it would be great if you could go ahead and submit a pull request so that folks can see and comment on the implementation. On Sun, Jul 24, 2016 at 12:43 AM, Jacob Wilder < jacobwilder.opensou...@gmail.com> wrote: > > Agreed. Either we