Niten Aggarwal created KAFKA-8205:
-------------------------------------

             Summary: Kafka SSL encryption of dataat rest
                 Key: KAFKA-8205
                 URL: https://issues.apache.org/jira/browse/KAFKA-8205
             Project: Kafka
          Issue Type: Bug
          Components: security
    Affects Versions: 1.0.1
         Environment: All
            Reporter: Niten Aggarwal


Recently we enabled SSL on our kafka cluster which earlier had SASL PLAINTEXT. 
Everything works fine from both producer and consumer standpoint as expected 
with one strange behavior. We noticed data in the log file is also encrypted 
which we didn't thought of because SSL is meant for transport level security 
not to encrypt data at rest.

It doesn't mean we have any issues with that but would like to understand what 
enables to perform encrypting data at rest. Do we have a way to:-

1) turn it off

2) Extend the encryption algorithm if company would like to use their own key 
management system and different algorithm.

After going through Kafka docs, we realized there is a KIP already in 
discussion but how come it's implemented without been approved?

[https://cwiki.apache.org/confluence/display/KAFKA/KIP-317%3A+Add+transparent+data+encryption+functionality]

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to