[
https://issues.apache.org/jira/browse/CASSANDRA-6018?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13858384#comment-13858384
]
Tupshin Harper commented on CASSANDRA-6018:
-------------------------------------------
Alexey,
As a core committer to the Apache Cassandra project, I suspect Jason is rather
qualified make this judgement for himself.
Regarding your specific observations, #5789 is an unconfirmed bug on an old
version of cassandra 1.2, and even if it does turn out to be a bug, failure to
replicate to some nodes, leading to temporary intermittent read unavailability,
is certainly not the same as global data loss of any scale.
I can also personally testify that Cassandra is powering multiple production
billing systems as well as numerous equally mission critical systems.
> Add option to encrypt commitlog
> --------------------------------
>
> Key: CASSANDRA-6018
> URL: https://issues.apache.org/jira/browse/CASSANDRA-6018
> Project: Cassandra
> Issue Type: New Feature
> Components: Core
> Reporter: Jason Brown
> Assignee: Jason Brown
> Labels: commit_log, encryption, security
> Fix For: 2.1
>
>
> We are going to start using cassandra for a billing system, and while I can
> encrypt sstables at rest (via Datastax Enterprise), commit logs are more or
> less plain text. Thus, an attacker would be able to easily read, for example,
> credit card numbers in the clear text commit log (if the calling app does not
> encrypt the data itself before sending it to cassandra).
> I want to allow the option of encrypting the commit logs, most likely
> controlled by a property in the yaml.
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)
