Larry McCay created HADOOP-9536:
-----------------------------------
Summary: HSSO Server - Certificate Authority and Publisher of
Service Public Keys
Key: HADOOP-9536
URL: https://issues.apache.org/jira/browse/HADOOP-9536
Project: Hadoop Common
Issue Type: Sub-task
Components: security
Reporter: Larry McCay
This task provides the Hadoop cluster with a central authority for issuing and
signing PKI keypairs for all of the Hadoop services.
It will leverage the CMF for rolling, versioning and managing keystores and
publishing the public keys for all registered Hadoop services.
This allows services to easily acquire a new public key for verifying tokens
signed by each other when signing keys have been rolled.
Public keys are safe to distribute freely we will only want to insure that the
service is requesting the published keys from the actual HSSO service. This
will require the use of SSL or some other server authentication scheme to avoid
spoofing.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
