[
https://issues.apache.org/jira/browse/MAPREDUCE-1026?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12759627#action_12759627
]
Owen O'Malley commented on MAPREDUCE-1026:
------------------------------------------
To clarify, in this jira you intend to:
1. Use a job specific random key, which is included in the URL of the fetch.
2. Allow jobs to request encryption of the map output using a second job
specific random key. I assume the configuration boolean would be something
like mapred.job.shuffle.encrypt. If the outputs are encrypted, I assume that we
checksum the unencrypted data and include the checksum in the encryption.
Once you have done that, there isn't any motivation to pay for https.
> Shuffle should be secure
> ------------------------
>
> Key: MAPREDUCE-1026
> URL: https://issues.apache.org/jira/browse/MAPREDUCE-1026
> Project: Hadoop Map/Reduce
> Issue Type: Sub-task
> Components: security
> Reporter: Owen O'Malley
> Assignee: Devaraj Das
>
> Since the user's data is available via http from the TaskTrackers, we should
> require a job-specific secret to access it.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
