Tao, Thanks for the KIP.
As others are saying, it would be helpful to have more details on why a new SASL mechanism was rejected in this KIP. An example of how using a new SASL mechanism would be more complex when compared to using a customised security protocol (for example) would help. Ismael On Tue, Jan 26, 2016 at 10:21 AM, Harsha <[email protected]> wrote: > SASL itself can provide pluggable authentication , why not extend there. > There is also proposal for SASL/PLAIN which does extend the current > authentication options. I think thats what Rajini is also talking about. > -Harsha > > On Tue, Jan 26, 2016, at 01:56 AM, tao xiao wrote: > > Hi Rajini, > > > > I think I need to rephrase some of the wordings in the KIP. I meant to > > provide a customized security protocol which may/may not include SSL > > underneath. With CUSTOMIZED security protocol users have the ability to > > plugin both authentication and security communication components. > > > > > > On Tue, 26 Jan 2016 at 17:45 Rajini Sivaram > > <[email protected]> > > wrote: > > > > > Hi Tao, > > > > > > I have a couple of questions: > > > > > > 1. Is there a reason why you wouldn't want to implement a custom > SASL > > > mechanism to use your authentication mechanism? SASL itself aims to > > > provide > > > pluggable authentication mechanisms. > > > 2. The KIP suggests that you are interested in plugging in a custom > > > authenticator, but not a custom transport layer. If that is the > case, > > > maybe > > > you need CUSTOM_PLAINTEXT and CUSTOM_SSL for consistency with the > other > > > security protocols (which are a combination of transport layer > protocol > > > and > > > authentication protocol)? > > > > > > > > > Regards, > > > > > > Rajini > > > > > > On Tue, Jan 26, 2016 at 6:58 AM, tao xiao <[email protected]> > wrote: > > > > > > > > > > HI Kafka developers, > > > > > > > > I raised a KIP-44, allow a customized security protocol, for > discussion. > > > > The goal of this KIP to enable a customized security protocol where > users > > > > can plugin their own implementation. > > > > > > > > Feedback is welcomed > > > > > > > > > > > >
