Connecting cluster with different cookies
Raimo Niskanen
raimo+erlang-questions@REDACTED
Tue Aug 10 10:54:36 CEST 2021
On Mon, Aug 09, 2021 at 06:34:02PM +0200, Łukasz Niemier wrote:
> > So, what says the Community? How important feature is it
> > to be able to connect nodes with different cookies?
>
> I never had need for that, but I think that it could have some uses in the past when there was no TLS connection and cookie was only "protection". Nowadays it is IMHO pointless and serves only as a way to prevent accidental connections to different cluster. In that form cookie at all is loosing it's raison d'être. I think, that unless there is any large player that extensively is using this feature and is willing to provide resources for maintenance of such, then we should drop it.
>
> I would even say, that maybe we should consider dropping the cookies in general, and instead move such feature to another layer like mutual TLS?
I think non-encrypted distribution over a safe network still has its use,
and that the cookies in this case as you say helps protect against accidental
connections to the wrong cluster.
>
> --
>
> Łukasz Niemier
> lukasz@REDACTED
>
--
/ Raimo Niskanen, Erlang/OTP, Ericsson AB
More information about the erlang-questions
mailing list