Re: Proposal of an encryption module in solr-sandbox

I'm sorry to have moved the discussion into the package manager tangent. Let's focus on the encryption module that was originally proposed in this thread, and discuss the package manager separately. On Sun, 19 Mar, 2023, 1:19 am Gus Heck, wrote: > Downloading executable code is not evil in every

Re: Proposal of an encryption module in solr-sandbox

Downloading executable code is not evil in every scenario. IMHO, What we should be avoiding is A) allowing this by default, and B) The first, most simple way of enabling it should involve designating specific locations that the *user* configuring solr trusts and require establishment of trust (via

Re: Proposal of an encryption module in solr-sandbox

On 3/15/23 13:52, Jan Høydahl wrote: There's a catch-22 here. Enterprises that require encryption at rest likely won't tolerate enabling a package manager that lets you download executable code from the internet during runtime, especially when that package manager is both home-grown, and largel

Re: Proposal of an encryption module in solr-sandbox

There's a catch-22 here. Enterprises that require encryption at rest likely won't tolerate enabling a package manager that lets you download executable code from the internet during runtime, especially when that package manager is both home-grown, and largely unused and neglected. So we need to

Re: Proposal of an encryption module in solr-sandbox

I would love to see such a support be available to users by way of the package manager, irrespective of whether it is a first or third party package. On Thu, 16 Mar, 2023, 12:33 am David Smiley, wrote: > On Wed, Mar 15, 2023 at 5:23 AM Ishan Chattopadhyaya < > ichattopadhy...@gmail.com> wrote: >

Re: Proposal of an encryption module in solr-sandbox

On Wed, Mar 15, 2023 at 5:23 AM Ishan Chattopadhyaya < ichattopadhy...@gmail.com> wrote: > Does it need to be a first party project? > If there is a maintainer then, I think yes. When there isn't, then it's a difficult question.

Re: Proposal of an encryption module in solr-sandbox

Does anything at all need to be in Solr? :-). Food for thought. I think of this capability as being valuable, particularly for some "enterprise-y" users, and thus keeping Solr competitive. It has no dependencies other than annotations. Bruno proposes adding it to the sandbox. My only concern ab

Re: Proposal of an encryption module in solr-sandbox

I've also observed that HDFS supports client provided encryption... or so I recall when I looked many months ago. Someone ought to do a blog/write-up on that. ~ David Smiley Apache Lucene/Solr Search Developer http://www.linkedin.com/in/davidwsmiley On Wed, Mar 15, 2023 at 5:28 AM Ishan Chattop

Re: Proposal of an encryption module in solr-sandbox

Important notice: currently the encryption module does not encrypt TLogs yet. Le mer. 15 mars 2023 à 10:28, Ishan Chattopadhyaya < ichattopadhy...@gmail.com> a écrit : > HDFS* > > On Wed, 15 Mar, 2023, 2:56 pm Ishan Chattopadhyaya, < > ichattopadhy...@gmail.com> wrote: > > > Btw, +1 to the initia

Re: Proposal of an encryption module in solr-sandbox

HDFS* On Wed, 15 Mar, 2023, 2:56 pm Ishan Chattopadhyaya, < ichattopadhy...@gmail.com> wrote: > Btw, +1 to the initiative. I've heard of clients used encrypted HDFC for > these usecases. Direct support at Lucene/Solr level is much better. > > On Wed, 15 Mar, 2023, 2:52 pm Ishan Chattopadhyaya, <

Re: Proposal of an encryption module in solr-sandbox

Btw, +1 to the initiative. I've heard of clients used encrypted HDFC for these usecases. Direct support at Lucene/Solr level is much better. On Wed, 15 Mar, 2023, 2:52 pm Ishan Chattopadhyaya, < ichattopadhy...@gmail.com> wrote: > Does it need to be a first party project? > > On Wed, 15 Mar, 2023

Re: Proposal of an encryption module in solr-sandbox

Does it need to be a first party project? On Wed, 15 Mar, 2023, 2:46 pm Bruno Roustant, wrote: > Hi, > > I pushed a PR in > solr-sandbox to propose a > Java-level encryption for Solr. > This work is the fol