Versions Compared

Old Version 92

changes.mady.by.user Manikumar Reddy O.

Saved on

compared with

New Version 93

changes.mady.by.user Manikumar Reddy O.

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Current state["DISCUSSION"]. 

Discussion thread: here

JIRA: KAFKA-1696 

Please keep the discussion on the mailing list rather than commenting on the wiki (wiki discussions get unwieldy fast).

...

Originally we considered to not have any shared Secret at config level. This required us to chose one of the 3 options below:

  • Let each broker generate a Random secret on each acquisition request and use this secret to generate the hmac. Broker will store the hmac and secret in zookeeper. However as zkClient does not support SSL the hmac will be on wire unencrypted which is not safe.
  • Use controller instead of zookeeper as the central location where tokens are generated, renewed and distributed from. You can review the discussion and pro/con here.
  • Use the controller to generate and rotate secret and distribute it to all brokers. Brokers will generate hmac based on *current* secret. The advantage is secret rotation can be more frequent and automated. The disadvantage is added complexity to push/pull tokens from the controller to brokers and brokers needs to keep a list of valid secrets till max( max life time of all tokens).

  • delegation.token.master.key could be a list, which would allow users to support both a new and old key at the same time while clients are upgrading tokens.