[
https://issues.apache.org/jira/browse/HADOOP-15006?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16287510#comment-16287510
]
Steve Loughran commented on HADOOP-15006:
-----------------------------------------
Not looked other than to scan through it and conclude "it's complicated"
It is certainly not on my TODO list. If other's started it? well, I wouldn't
block it, as long as it could be integrated in a way that it's integration
points were relatively non-intrusive. Both S3Guard and the committers (Well,
the retry logic really) have radically changed the S3AFileSystem, and its
reaching that scale point where I'm starting to find it hard to visualise.
Short term, I'd prefer the S3Guard phase II work to get focus.
At the same time, I can see the interest in client-side encryption. It's just
that mismatch between file length and list length which worries me.
> Encrypt S3A data client-side with Hadoop libraries & Hadoop KMS
> ---------------------------------------------------------------
>
> Key: HADOOP-15006
> URL: https://issues.apache.org/jira/browse/HADOOP-15006
> Project: Hadoop Common
> Issue Type: New Feature
> Components: fs/s3, kms
> Reporter: Steve Moist
> Priority: Minor
> Attachments: S3-CSE Proposal.pdf
>
>
> This is for the proposal to introduce Client Side Encryption to S3 in such a
> way that it can leverage HDFS transparent encryption, use the Hadoop KMS to
> manage keys, use the `hdfs crypto` command line tools to manage encryption
> zones in the cloud, and enable distcp to copy from HDFS to S3 (and
> vice-versa) with data still encrypted.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
