[ https://issues.apache.org/jira/browse/CASSANDRA-6018?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13858384#comment-13858384 ]
Tupshin Harper commented on CASSANDRA-6018: ------------------------------------------- Alexey, As a core committer to the Apache Cassandra project, I suspect Jason is rather qualified make this judgement for himself. Regarding your specific observations, #5789 is an unconfirmed bug on an old version of cassandra 1.2, and even if it does turn out to be a bug, failure to replicate to some nodes, leading to temporary intermittent read unavailability, is certainly not the same as global data loss of any scale. I can also personally testify that Cassandra is powering multiple production billing systems as well as numerous equally mission critical systems. > Add option to encrypt commitlog > -------------------------------- > > Key: CASSANDRA-6018 > URL: https://issues.apache.org/jira/browse/CASSANDRA-6018 > Project: Cassandra > Issue Type: New Feature > Components: Core > Reporter: Jason Brown > Assignee: Jason Brown > Labels: commit_log, encryption, security > Fix For: 2.1 > > > We are going to start using cassandra for a billing system, and while I can > encrypt sstables at rest (via Datastax Enterprise), commit logs are more or > less plain text. Thus, an attacker would be able to easily read, for example, > credit card numbers in the clear text commit log (if the calling app does not > encrypt the data itself before sending it to cassandra). > I want to allow the option of encrypting the commit logs, most likely > controlled by a property in the yaml. -- This message was sent by Atlassian JIRA (v6.1.5#6160)