So is it in general a good idea to ask my clients who are out of my IT infrastructure to directly write to my Topic? I'm seeing this as an anti-pattern. What do you guys think?
On Mon, Jun 26, 2017 at 8:15 PM, Samuel Taylor <stay...@square-root.com> wrote: > Hi Joe, > > For #2, if brokers and clients trust a certain certificate authority (CA), > you should be able to just sign a new certificate with that CA (without > having to explicitly share said cert with all parties). > > - Samuel > > On Fri, Jun 23, 2017 at 3:10 AM, Joe San <codeintheo...@gmail.com> wrote: > > > Dear Kafka Users, > > > > Would you consider it a good practice to expose the Kafka topic directly > to > > a 3rd party application? While doing this, I need to satisfy the > following: > > > > 1. I will have say 10 topics and I would need to make sure that only > > authorized parties are able to write into the Topic > > > > 2. If I use certificates (2 way trust), would this mean that when I add > new > > broker nodes, I need to make sure that the new certificates are shared > with > > all the 3rd parties and their certificates being installed on my new > broker > > node? > > > > 3. Since I'm exposing my topic directly, a naughty 3rd party could play > > around and might eventually case a DoS attack? > > > > Thanks, > > Joe > > >
