Re: initial draft of security scoping document/roadmap

[Dan Burkert]

I've added a new section to the Authentication Design scope doc

called
"TLS Negotiation" which has a specific recommendation for how Kudu will
handle TLS connection upgrade in a backwards compatible manner.  Comments
welcome!

- Dan

On Wed, Oct 26, 2016 at 5:05 PM, Todd Lipcon  wrote:

> I made some edits in Dan's doc linked above to turn it into more of a
> design doc about our current plan of attack. Please take a look at the
> updated doc.
>
> On Mon, Oct 17, 2016 at 6:48 PM, William Berkeley  >
> wrote:
>
> > Fixed link:
> > https://docs.google.com/document/d/1Yu4iuIhaERwug1vS95yWDd_
> > WzrNRIKvvVGUb31y-_mY/edit#
> >
> > -Will
> >
> > On Mon, Oct 17, 2016 at 9:42 PM, Dan Burkert 
> > wrote:
> >
> > > Hi all,
> > >
> > > We've been thinking about some of the particular details laid out in
> the
> > > scope doc, and have come up with some alternatives.  You can see the
> > > alternative and discussion here:
> > >
> > > https://docs.google.com/document/d/1Yu4iuIhaERwug1vS95yWDd_
> > > WzrNRIKvvVGUb31y-_mY/edit#
> > >
> > > - Dan
> > >
> > > On Mon, Oct 10, 2016 at 9:07 PM, Todd Lipcon 
> wrote:
> > >
> > > > Hey folks,
> > > >
> > > > I'm hoping to start breaking down some tasks from this document in
> the
> > > next
> > > > couple days. If you were planning to take a look, please try to do so
> > > soon.
> > > >
> > > > -Todd
> > > >
> > > > On Mon, Oct 3, 2016 at 5:33 PM, Todd Lipcon 
> wrote:
> > > >
> > > > > Hi all,
> > > > >
> > > > > Now that we've reached 1.0, one of the next big barriers to Kudu
> > > adoption
> > > > > is its lack of security features. I've started working on a
> document
> > > > which
> > > > > tries to scope out some initial support for authentication,
> > > > authorization,
> > > > > and data security:
> > > > >
> > > > > https://docs.google.com/document/d/1cPNDTpVkIUo676RlszpTF1gHZ8l0T
> > > > > dbB7zFBAuOuYUw/edit#heading=h.gsibhnd5dyem
> > > > >
> > > > > The aim here is to lay out a roadmap that has some milestones that
> > are
> > > > > achievable in the next few upcoming releases. As noted in the last
> > > > section
> > > > > of the document, there will be more work to follow, but the goal
> here
> > > is
> > > > to
> > > > > get us started with the base infrastructure.
> > > > >
> > > > > It's rough, yet, but please take a look and leave comments,
> > questions,
> > > > and
> > > > > suggestions.
> > > > >
> > > > > Thanks
> > > > > -Todd
> > > > > --
> > > > > Todd Lipcon
> > > > > Software Engineer, Cloudera
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Todd Lipcon
> > > > Software Engineer, Cloudera
> > > >
> > >
> >
>
>
>
> --
> Todd Lipcon
> Software Engineer, Cloudera
>

Re: initial draft of security scoping document/roadmap

[Todd Lipcon]

I made some edits in Dan's doc linked above to turn it into more of a
design doc about our current plan of attack. Please take a look at the
updated doc.

On Mon, Oct 17, 2016 at 6:48 PM, William Berkeley 
wrote:

> Fixed link:
> https://docs.google.com/document/d/1Yu4iuIhaERwug1vS95yWDd_
> WzrNRIKvvVGUb31y-_mY/edit#
>
> -Will
>
> On Mon, Oct 17, 2016 at 9:42 PM, Dan Burkert 
> wrote:
>
> > Hi all,
> >
> > We've been thinking about some of the particular details laid out in the
> > scope doc, and have come up with some alternatives.  You can see the
> > alternative and discussion here:
> >
> > https://docs.google.com/document/d/1Yu4iuIhaERwug1vS95yWDd_
> > WzrNRIKvvVGUb31y-_mY/edit#
> >
> > - Dan
> >
> > On Mon, Oct 10, 2016 at 9:07 PM, Todd Lipcon  wrote:
> >
> > > Hey folks,
> > >
> > > I'm hoping to start breaking down some tasks from this document in the
> > next
> > > couple days. If you were planning to take a look, please try to do so
> > soon.
> > >
> > > -Todd
> > >
> > > On Mon, Oct 3, 2016 at 5:33 PM, Todd Lipcon  wrote:
> > >
> > > > Hi all,
> > > >
> > > > Now that we've reached 1.0, one of the next big barriers to Kudu
> > adoption
> > > > is its lack of security features. I've started working on a document
> > > which
> > > > tries to scope out some initial support for authentication,
> > > authorization,
> > > > and data security:
> > > >
> > > > https://docs.google.com/document/d/1cPNDTpVkIUo676RlszpTF1gHZ8l0T
> > > > dbB7zFBAuOuYUw/edit#heading=h.gsibhnd5dyem
> > > >
> > > > The aim here is to lay out a roadmap that has some milestones that
> are
> > > > achievable in the next few upcoming releases. As noted in the last
> > > section
> > > > of the document, there will be more work to follow, but the goal here
> > is
> > > to
> > > > get us started with the base infrastructure.
> > > >
> > > > It's rough, yet, but please take a look and leave comments,
> questions,
> > > and
> > > > suggestions.
> > > >
> > > > Thanks
> > > > -Todd
> > > > --
> > > > Todd Lipcon
> > > > Software Engineer, Cloudera
> > > >
> > >
> > >
> > >
> > > --
> > > Todd Lipcon
> > > Software Engineer, Cloudera
> > >
> >
>



-- 
Todd Lipcon
Software Engineer, Cloudera

Re: initial draft of security scoping document/roadmap

[Todd Lipcon]

Hey folks,

I'm hoping to start breaking down some tasks from this document in the next
couple days. If you were planning to take a look, please try to do so soon.

-Todd

On Mon, Oct 3, 2016 at 5:33 PM, Todd Lipcon  wrote:

> Hi all,
>
> Now that we've reached 1.0, one of the next big barriers to Kudu adoption
> is its lack of security features. I've started working on a document which
> tries to scope out some initial support for authentication, authorization,
> and data security:
>
> https://docs.google.com/document/d/1cPNDTpVkIUo676RlszpTF1gHZ8l0T
> dbB7zFBAuOuYUw/edit#heading=h.gsibhnd5dyem
>
> The aim here is to lay out a roadmap that has some milestones that are
> achievable in the next few upcoming releases. As noted in the last section
> of the document, there will be more work to follow, but the goal here is to
> get us started with the base infrastructure.
>
> It's rough, yet, but please take a look and leave comments, questions, and
> suggestions.
>
> Thanks
> -Todd
> --
> Todd Lipcon
> Software Engineer, Cloudera
>



-- 
Todd Lipcon
Software Engineer, Cloudera