Hi,
just out of curiosity and because of Eugene's email, I browsed
Kafka-1477 and it talks about SSL alot. So I thought I might throw in
this http://tools.ietf.org/html/rfc7568 RFC. It basically says move away
from SSL now and only do TLS. The title of the ticket still mentions TLS
but afterwards its only SSL, haven't looked at any patches or library
code so I can't really judge what's going on.
Further I found people starting to talk about sendfile(2) TLS support,
here for example https://people.freebsd.org/~rrs/asiabsd_2015_tls.pd
<https://people.freebsd.org/%7Errs/asiabsd_2015_tls.pd>f. So maybe we
can keep this door open that at some point the Kernel will be able to do
TLS for us?
On 02.07.2015 22:24, eugene miretsky wrote:
HI,
There is some work being done on security in Kafka:
Confluence: https://cwiki.apache.org/confluence/display/KAFKA/Security
Jira: https://issues.apache.org/jira/browse/KAFKA-1682
It seems like the main blockers are KAFKA-1477
<https://issues.apache.org/jira/browse/KAFKA-1477>, KAFKA-1691
<https://issues.apache.org/jira/browse/KAFKA-1691> and KAFKA-1690
<https://issues.apache.org/jira/browse/KAFKA-1690>.
Is there an anticipated road map for when all the security features will be
done and merged in to trunk?
(