hadoop-common-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Larry McCay (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HADOOP-9536) HSSO Server - Certificate Authority and Publisher of Service Public Keys
Date Wed, 01 May 2013 18:02:16 GMT
Larry McCay created HADOOP-9536:
-----------------------------------

             Summary: HSSO Server - Certificate Authority and Publisher of Service Public
Keys
                 Key: HADOOP-9536
                 URL: https://issues.apache.org/jira/browse/HADOOP-9536
             Project: Hadoop Common
          Issue Type: Sub-task
          Components: security
            Reporter: Larry McCay


This task provides the Hadoop cluster with a central authority for issuing and signing PKI
keypairs for all of the Hadoop services.

It will leverage the CMF for rolling, versioning and managing keystores and publishing the
public keys for all registered Hadoop services.

This allows services to easily acquire a new public key for verifying tokens signed by each
other when signing keys have been rolled.

Public keys are safe to distribute freely we will only want to insure that the service is
requesting the published keys from the actual HSSO service. This will require the use of SSL
or some other server authentication scheme to avoid spoofing.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message