Github user rmetzger commented on the issue: https://github.com/apache/flink/pull/2425

Thank you for addressing my comments.

I've looked into the design document [1] again and some details are missing there. In particular, it's not clearly specified how and where the shared secrets are created and transferred in the cluster. How is the secret transferred to the TaskManagers on YARN? Is using the `JobManagerMessages.getRequestBlobManagerSecureCookie()` message always secure?

I think it's important for security-related changes to first have a clear, documented security concept, and then an implementation that matches the documentation. Maybe it also makes sense to start adding a page into the internals documentation section, explaining how the secure cookie is implemented.

@StephanEwen can you maybe add your thoughts here?

[1] https://docs.google.com/document/d/1-GQB6uVOyoaXGwtqwqLV8BHDxWiMO2WnVzBoJ8oPaAs/edit