Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Duplicate
-
2.6.0
-
None
-
None
Description
HDFS-6606 provided an optimized way of HDFS data transfer encryption. The optimized encryption is build on top of SASL wrap/unwrap when auth-conf is configured.
When user specifies auth-conf, he wants both integrity and confidential. While the current implementation of the optimization implements only confidential with AES/CTR and there is no integrity grantees, which means the implications of auth-conf were not strictly followed.
Attachments
Issue Links
- is duplicated by
-
HDFS-9899 The implication of auth-conf is not followed in optimized HDFS data transfer encryption
- Open