Dan Burkert has posted comments on this change. Change subject: KUDU-1843. Client UUIDs should be cryptographically random ......................................................................
Patch Set 2: Code-Review-1 I still think this is a bad idea. At the very least, this patch needs to go through every place a client ID is currently logged and redact it. If the client ID is exposed in client API, it needs to be documented that is should be considered a secret. We need to be systematically more careful with client IDs if we treat them as secrets. -- To view, visit http://gerrit.cloudera.org:8080/6347 To unsubscribe, visit http://gerrit.cloudera.org:8080/settings Gerrit-MessageType: comment Gerrit-Change-Id: I0ea6868773cf046944f70c32c647184e4b48c772 Gerrit-PatchSet: 2 Gerrit-Project: kudu Gerrit-Branch: master Gerrit-Owner: Todd Lipcon <t...@apache.org> Gerrit-Reviewer: Adar Dembo <a...@cloudera.com> Gerrit-Reviewer: Dan Burkert <danburk...@apache.org> Gerrit-Reviewer: David Ribeiro Alves <davidral...@gmail.com> Gerrit-Reviewer: Kudu Jenkins Gerrit-Reviewer: Todd Lipcon <t...@apache.org> Gerrit-HasComments: No