[jira] [Commented] (CASSANDRA-18624) Make Corretto Crypto Provider the Default

[Stefan Miklosovic (Jira)]

    [ 
https://issues.apache.org/jira/browse/CASSANDRA-18624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17744592#comment-17744592
 ] 

Stefan Miklosovic commented on CASSANDRA-18624:
-----------------------------------------------

Maybe little explanation why I think it should be done like that would help.

1) the current patch wants to introduce dependency with x86 classifier to the 
build

2) why only x86? What if a user is on ARM? 

3) so lets add aarch dependency too!

4) how are we supposed to make the difference / to distinguish what dependency 
is going to be used when both are on the class path? Which one would take 
precedence over which one? What happens when put two dependencies with 
different qualifier to libs directory?

For all these reasons, the solution is to not put there any dependency at all. 
A user has to do that himself because he knows what architecture that Cassandra 
node is running on - we can not know that.

Hence the course of action for such users would be:

1) They put the correct (architecture specific jar) to libs dir

2) They put the implementation of ICryptoProvider to a jar which they put to 
libs dir

3) They configure yaml to specify the implementation in 2) for crypto_provider

I know this is a little bit unfortunate but I do not see any (easy) way out of 
this. The resolution of which library to put on the class path based on what 
architecture that node runs on ... that is very tricky and error-prone. Not a 
good approach I would say.

 

> Make Corretto Crypto Provider the Default
> -----------------------------------------
>
>                 Key: CASSANDRA-18624
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-18624
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Dependencies
>            Reporter: Jordan West
>            Assignee: Ayushi Singh
>            Priority: Normal
>         Attachments: image.png
>
>          Time Spent: 9h 40m
>  Remaining Estimate: 0h
>
> [Amazon Corretto Crypto Provider| 
> https://github.com/corretto/amazon-corretto-crypto-provider] is an 
> alternative provider of TLS and cryptographic functions that has significant 
> performance benefits for Cassandra. It is Apache 2.0 licensed and has been 
> deployed in several existing large fleets. 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org