Anyone else have any feedback on this protocol and implementation? I plan to start a vote soon.
Thank you, Grant On Fri, Jul 15, 2016 at 1:04 PM, Gwen Shapira <g...@confluent.io> wrote: > > My goal in the protocol design was to keep the request simple and be able > > to answer what I think are the 3 most common questions/requests > > > > - What ACLs are on the cluster? > > - What access do I/they have? > > - Who has access to this resource? > > Thanks for clarifying. I think this is good. Perhaps just document > this goal next to the protocol for the record :) > > > Isn't KIP-50 itself one gigantic compatibility concern? I don't see > >> how your suggestions make it any worse... > > > > > > > >> Yes, I also think we should take this chance to improve the Authorizer > interface > >> to make it more suitable for the ACL Admin requests. > > > > > > I agree we can address this in KIP-50. What I was getting at was that I > > wanted to handle that discussion there. We voted on KIP-50 before 0.10 > was > > released with the intention that we could get it in. Now that 0.10 is > > released and a longer time has gone by I am not sure if the opinion of > > "breaking is okay" has changed. I will always prefer a backward > compatible > > approach if possible. > > Well, the entire KIP-50 discussion - both regarding compatibility and > possible increased scope is probably out of context here. Especially > since this proposal was written carefully to avoid any assumptions > regarding other work. I suggest taking this in a separate thread. > > Gwen > > > Thank you, > > Grant > > > > > > On Fri, Jul 15, 2016 at 7:22 AM, Ismael Juma <ism...@juma.me.uk> wrote: > > > >> On Fri, Jul 15, 2016 at 6:45 AM, Gwen Shapira <g...@confluent.io> > wrote: > >> > > >> > >> - I suggest this be addressed in KIP-50 as well, though it > >> has > >> > >> some compatibility concerns. > >> > > >> > Isn't KIP-50 itself one gigantic compatibility concern? I don't see > >> > how your suggestions make it any worse... > >> > > >> > >> Yes, I also think we should take this chance to improve the Authorizer > >> interface to make it more suitable for the ACL Admin requests. > >> > >> Ismael > >> > > > > > > > > -- > > Grant Henke > > Software Engineer | Cloudera > > gr...@cloudera.com | twitter.com/gchenke | linkedin.com/in/granthenke > -- Grant Henke Software Engineer | Cloudera gr...@cloudera.com | twitter.com/gchenke | linkedin.com/in/granthenke
