Accumulo >> mail # dev >> ACCUMULO-958 - Pluggable encryption in walogs


Re: ACCUMULO-958 - Pluggable encryption in walogs
Some comments about the comments in ACCUMULO-958:

Josh writes:

"We still have the ability to review this even after the feature freeze
happens, it's just frustrating from my point of view in generating the best
1.5.0 candidate possible (we tend to go through x.y.0 releases pretty darn
quick)."

John writes:

"Yes, but we get stuck on x.y.* for a year or so, so it does become a race
to get all the features you want to see in the next year."

As Accumulo matures, we will need to start thinking a little more flexibly
about what goes into minor releases.  We have implemented new (small)
features in minor releases before.

I would have no problem including ACCUMULO-958 into 1.5.1 after a test
phase, and after some basic experience with the feature.  However I'm very
uncomfortable including this in 1.5.0 because there is not a single test,
and no real implementation behind the factory that anyone would use In Real
Life.  Is this an appropriate API?  I have no idea.  Comments in the code
about the stability of the interface basically admit that the author isn't
completely comfortable with it, either.

Let's not rush it, and when it is done right, I'm all for putting it into
the next release.  For now, I would hold back incorporating these changes
until they are more fully implemented. After we branch 1.5, commit this to
trunk, and back-port it to the 1.5 branch when experience and tests show it
is ready to be released.

-Eric

On Wed, Jan 30, 2013 at 9:13 AM, Josh Elser <[EMAIL PROTECTED]> wrote:

> All,
>
> It's been a few days and I haven't seen much chatter at all on
> ACCUMULO-958 [1] since the patch was applied. There are a couple of
> concerns I have that I definitely want to see addressed before a 1.5.0
> release.
>
> - It worries me that the provided patch is fail-open (when we can't load
> the configured encryption strategies/modules, we don't decrypt anything). I
> think for a security-minded database, we should probably be defaulting to
> fail-close; but, that brings up an issue, what happens when we can't
> encrypt a WAL? Do minor compactions fail gracefully? What does Accumulo do?
>
> - John said he had been reviewing the patch before he applied it; it
> bothers me that there was a version of this patch that had been reviewed
> privately for some amount of time when we had already pushed back the
> feature freeze date by a week waiting for features that weren't done.
>
> - The author noted himself with the deprecation of the CryptoModule
> interface that "we anticipate changing [this] in non-backwards compatible
> ways as we explore requirements for encryption in Accumulo...". This tells
> me that implementation of WAL encryption overall hasn't been properly
> thought out.
>
> Given all of this, it gives me great pause to knowingly include this patch
> into a 1.5.0 release. I see no signs that this has been truly thought out,
> there is no default provided encryption strategy for 1.5.0 with this patch
> for the WAL and there is still no support at all for RFile encryption (no
> end-to-end Accumulo encryption for a user). All of these issues considered
> make me believe that this is an incomplete feature that is not ready for an
> Apache Accumulo release.
>
> Thoughts?
>
> - Josh
>
> [1] https://issues.apache.org/jira/browse/ACCUMULO-958
>
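
The fail-open versus fail-closed distinction raised in the quoted message, shown as an added example that is not part of this thread or of the ACCUMULO-958 patch. WalCipher, NoOpCipher, the loader methods and the class name com.example.MissingCipher are hypothetical, not Accumulo's CryptoModule API.

```java
import java.io.IOException;
import java.io.OutputStream;

// Hypothetical names throughout; this is not Accumulo's CryptoModule API.
public class WalCryptoLoading {
    /** Hypothetical stand-in for a pluggable WAL encryption module. */
    public interface WalCipher {
        OutputStream wrap(OutputStream rawWal) throws IOException;
    }

    /** Pass-through, meant only for the case where no encryption is configured. */
    static final class NoOpCipher implements WalCipher {
        public OutputStream wrap(OutputStream rawWal) { return rawWal; }
    }

    /** Fail-open: any load error silently degrades to plaintext. */
    static WalCipher loadFailOpen(String className) {
        try {
            return instantiate(className);
        } catch (Exception e) {
            return new NoOpCipher(); // the WAL is now written unencrypted and nobody is told
        }
    }

    /** Fail-closed: only an explicitly empty setting means "no encryption". */
    static WalCipher loadFailClosed(String className) {
        if (className == null || className.isEmpty()) {
            return new NoOpCipher(); // the operator chose plaintext
        }
        try {
            return instantiate(className);
        } catch (ReflectiveOperationException | ClassCastException e) {
            throw new IllegalStateException("Configured WAL cipher '" + className
                + "' could not be loaded; refusing to fall back to plaintext", e);
        }
    }

    private static WalCipher instantiate(String className) throws ReflectiveOperationException {
        return (WalCipher) Class.forName(className).getDeclaredConstructor().newInstance();
    }

    public static void main(String[] args) {
        String misconfigured = "com.example.MissingCipher"; // constructed value, no such class
        System.out.println("fail-open   -> " + loadFailOpen(misconfigured).getClass().getSimpleName());
        try {
            loadFailClosed(misconfigured);
        } catch (IllegalStateException e) {
            System.out.println("fail-closed -> " + e.getMessage());
        }
    }
}
```

The fail-closed loader leaves open the question asked in the message: what the caller does with the exception (stop accepting writes, retry, halt) is a separate design decision.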