Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-16 Thread Maulin Vasavada
Hi all Thank you for the vote on this. Since the CEP is Accepted now, do we discuss PR/code details on the JIRA/Github right? Thanks Maulin On Wed, Jul 14, 2021 at 5:28 PM Maulin Vasavada wrote: > Thanks Berenguer. Mainly I did detailed PR since I was not familiar with > Cassandra codebase and

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-14 Thread Maulin Vasavada
Thanks Berenguer. Mainly I did detailed PR since I was not familiar with Cassandra codebase and wanted to make sure I figured out the magnitude of things lying ahead of me sooner by having tests failures etc :) Also partly I get chunks of time where I just focus and do things so I better utilize th

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-12 Thread Berenguer Blasi
I have gone through the CEP and I have no concerns on voting on it. In my case a PR helps me pin down and understand better what the CEP will indeed look like, I like that a lot. So thx Maulin for the detailed PR with the luxury of all tests and all bells and whistles!. If it were a CEP of my own

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-12 Thread Ekaterina Dimitrova
Hi everyone, Reading the thread I feel we are all more or less on the same page. My personal line of thinking: 1) I really like Benedict’s idea of some kind of cheat sheet 2) I think some kind of PoC PR, when/if needed, sounds reasonable. Probably It can help in some cases the author to reconside

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-12 Thread Maulin Vasavada
Thank you Benjamin. Sounds good to me. I feel if we leave full control of creating SSL's context (including ciphers, accepted protocols values etc) to the interface it would work. There are some other requirements people run into like customizing X 509 cert validations (SPIFFE

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-12 Thread Benjamin Lerer
> > In the context of your latest answers on JIRA - your interface makes sense > to me, I just want to be sure that we will not forget to add anything which > would a respective implementator need in the future and could not use > because it is just not exposed. I do not believe that we can build

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-09 Thread Mick Semb Wever
Thanks for bringing this back to the ML Maulin. Very much appreciated. On Sat, 10 Jul 2021 at 00:04, Maulin Vasavada wrote: > Thanks Stefan for the pointer for the 'examples' directory. Will invest > time in coming up with a reference custom implementation. > > For your other comments around com

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-09 Thread Maulin Vasavada
Thanks Stefan for the pointer for the 'examples' directory. Will invest time in coming up with a reference custom implementation. For your other comments around common encryption options, I agree with you on a challenge in order to prevent secure information getting leaked in logs. Let me create a

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-09 Thread Maulin Vasavada
Stefan Miklosovic Hi MAULIN VASAVADA , few more observations. I see that you have commented again on JIRA and I am starting to be confused where to comment in relation to

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-09 Thread Maulin Vasavada
Stefan Miklosovic I ve taken a look too. Added some comments to PR. It would be awesome if we see some 3rd party implementation of this in action so we know it indeed works as intended. It is strange to just code up an interface by

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-09 Thread Maulin Vasavada
[image: maulin.vasavada]Maulin Vasavada added a comment - Yesterday - edited On second thoughts Stefan Miklosovic , I feel if we examine the

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-09 Thread Maulin Vasavada
Hi Sumanth Pasupuleti and Stefan Miklosovic thanks for comments. Sorry I missed them before since I was just checking DISCUSS thread on t

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-09 Thread Maulin Vasavada
[image: stefan.miklosovic]Stefan Miklosovic added a comment - 01/Jul/21 19:20 I ve taken a look too. Added some comments to PR. It would be awesome if we see some 3rd party implementation of this in action so we know

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-09 Thread Maulin Vasavada
Sumanth Pasupuleti added a comment - 07/Jun/21 15:13 Maulin Vasavada left a couple of review comments, but lgtm overall. One of the thing

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-07-09 Thread Maulin Vasavada
Hi all I wanted to consolidate a couple of comments that started in JIRA/Wiki here to keep it in one place. I'll post different posts as replies for each comment. Thanks Maulin On Tue, Jun 29, 2021 at 1:07 PM Maulin Vasavada wrote: > ^^^ bumping up ^^^ this thread since people might have more

Re: [DISCUSS] CEP-9: Make SSLContext creation pluggable

2021-06-29 Thread Maulin Vasavada
^^^ bumping up ^^^ this thread since people might have more time reviewing post 4.0 work. Specifically for this section