[
https://issues.jboss.org/browse/JGRP-1883?page=com.atlassian.jira.plugin....
]
Bela Ban commented on JGRP-1883:
--------------------------------
No, ENCRYPT is not TLS for JGroups. TLS is done at the transport (and requires TCP),
whereas ENCRYPT works at the application level. For example, if we send a multicast to 10
cluster nodes, TLS would encrypt traffic between the sender and each recipient, whereas
ENCRYPT would do the encryption once and then send a multicast with the encrypted message.
This is much more efficient.
Extend SASL protocol to handle Quality of Protection
-----------------------------------------------------
Key: JGRP-1883
URL:
https://issues.jboss.org/browse/JGRP-1883
Project: JGroups
Issue Type: Feature Request
Affects Versions: 3.5
Reporter: Richard Achmatowicz
Assignee: Bela Ban
Fix For: 3.6
SASL implementations generally provide authentication and encryption services to
communication protocols.
At present, the JGroups SASL protocol layer handles only authentication of a client
joining a group; it does not support encryption of messages (unicast and multicast)
passing through the SASL layer. This is presently handled by the separate ENCRYPT layer.
It would be nice to provide an integrated and complete solution for authentication and
encryption for JGroups based on SASL. This could be achieved by adding functionality from
ENCRYPT to the SASL layer.
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)