Home | About | Sematext search-lucene.com search-hadoop.com
 Search Hadoop and all its subprojects:

Switch to Threaded View
Hadoop >> mail # general >> HTTP transport?

Copy link to this message
Re: HTTP transport?

On 10/14/09 9:37 AM, "Doug Cutting" <[EMAIL PROTECTED]> wrote:

> Kan Zhang wrote:
>> One problem I see with using HTTP is that it's expensive to provide data
>> encryption. We're currently adding 2 authentication mechanisms (Kerberos and
>> DIGEST-MD5) to our existing RPC. Both of them can provide data encryption
>> for subsequent communication over the authenticated channel. However, when
>> similar authentication mechanisms are specified for HTTP (SPNEGO and HTTP
>> DIGEST, respectively), they don't provide data encryption (correct me if I'm
>> wrong). For data encryption over HTTP, one has to use SSL, which is
>> expensive.
> Java supports using Kerberos-based encryption for TLS (nee SSL):
> http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#KRB

This addresses part of my concern (the Kerberos part). I wasn't aware Java
already supports it. Thanks for pointing it out.