Hi, quick circle back around so folks are aware. The security tickets are tracked here https://issues.apache.org/jira/browse/KAFKA/component/12324383/?selectedTab=com.atlassian.jira.jira-projects-plugin:component-issues-panel
If you want to jump in on a ticket please do! If no one is assigned then assign it to your self, ask questions, start coding and give it a go! If you can't assign to yourself send email on list with the ticket number and your user name. Someone can then assign it to you and also add perms in JIRA so moving forward you can do that too. If someone is already assigned they may be working on it already. If it has been 3 weeks (lets say) and no patches/comments, etc then a ping in any case I think is good to-do regardless. A patch should be going up tomorrow for https://issues.apache.org/jira/browse/KAFKA-1684 that includes the MetaDataResponse changes required too for channel (plaintext and ssl) port advertisement. /******************************************* Joe Stein Founder, Principal Consultant Big Data Open Source Security LLC http://www.stealth.ly Twitter: @allthingshadoop <http://www.twitter.com/allthingshadoop> ********************************************/ On Mon, Sep 22, 2014 at 8:38 PM, Joe Stein <joe.st...@stealth.ly> wrote: > At the request of the folks that were at the first meeting and can't > attend tomorrow I am moving tomorrow's meeting to next Tuesday (same bat > time, same bat channel). > > /******************************************* > Joe Stein > Founder, Principal Consultant > Big Data Open Source Security LLC > http://www.stealth.ly > Twitter: @allthingshadoop <http://www.twitter.com/allthingshadoop> > ********************************************/ > > On Tue, Sep 16, 2014 at 4:59 PM, Joe Stein <joe.st...@stealth.ly> wrote: > >> yup, yup, yup | done, done, done >> >> On Tue, Sep 16, 2014 at 1:54 PM, Jay Kreps <jay.kr...@gmail.com> wrote: >> >>> Hey Joe, >>> >>> Can you add me, Jun, and Neha too. >>> >>> -Jay >>> >>> On Tue, Sep 16, 2014 at 10:37 AM, Joe Stein <joe.st...@stealth.ly> >>> wrote: >>> > Hi Andrew, yes the meeting took place and we plan to-do it every two >>> weeks >>> > (same bat time, same bat channel) moving forward. >>> > >>> > In attendance was Michael Herstine (LinkedIn), Arvind Mani (LinkedIn), >>> Gwen >>> > Shapira (Cloudera) and myself. >>> > >>> > Gwen updated the wiki after our discussion. Basically we are thinking >>> of >>> > using 3 ports one for plain text (so like it is now), one for SASL >>> > (implementing username/password and kerberos at least) and one for SSL >>> and >>> > they will all be configurable on/off. Some investigation is going on >>> now >>> > to see about how we can do this without making any wire protocol >>> changes >>> > (ideal) or minimal changes at least. >>> > >>> > Let me know and I can add you to the invite if you would like to >>> contribute >>> > the more help and input the better for sure. >>> > >>> > Also in regards to KAFKA-1477 I just asked Ivan to update the patch to >>> > latest trunk and we could (demand required) make a patch that works >>> with >>> > 0.8.1.X too for folks to use... This doesn't work yet with the new >>> producer >>> > (TBD) or any other clients so be aware it is not yet baked in and from >>> > release project perspective I don't know what in that patch will >>> survive >>> > (hopefully all of it). >>> > >>> > /******************************************* >>> > Joe Stein >>> > Founder, Principal Consultant >>> > Big Data Open Source Security LLC >>> > http://www.stealth.ly >>> > Twitter: @allthingshadoop <http://www.twitter.com/allthingshadoop> >>> > ********************************************/ >>> > >>> > On Tue, Sep 16, 2014 at 10:17 AM, Andrew Psaltis < >>> psaltis.and...@gmail.com> >>> > wrote: >>> > >>> >> Hi, >>> >> I was just reading the recent changes to: >>> >> https://cwiki.apache.org/confluence/display/KAFKA/Security after >>> getting >>> >> off a call about Kafka security and how we are jumping through hoops >>> -- >>> >> like having PGP keys on the consumers and producers to get around the >>> lack >>> >> of SSL support. Did the meeting that Joe proposed happen for Sept 9th >>> >> happen? If not is there a plan to have it? I was also looking at: >>> >> https://issues.apache.org/jira/browse/KAFKA-1477 and it seems like >>> there >>> >> have been no comments since 11/08/2014. I would be interested in >>> helping >>> >> with the TLS/SSL support as we have a need for it now. >>> >> >>> >> Thanks, >>> >> Andrew >>> >> >>> >> >> >
