Connecting cluster with different cookies

Raimo Niskanen raimo+erlang-questions@REDACTED
Tue Aug 10 10:54:36 CEST 2021

On Mon, Aug 09, 2021 at 06:34:02PM +0200, Łukasz Niemier wrote:
> > So, what says the Community?  How important feature is it
> > to be able to connect nodes with different cookies?
> I never had need for that, but I think that it could have some uses in the past when there was no TLS connection and cookie was only "protection". Nowadays it is IMHO pointless and serves only as a way to prevent accidental connections to different cluster. In that form cookie at all is loosing it's raison d'être. I think, that unless there is any large player that extensively is using this feature and is willing to provide resources for maintenance of such, then we should drop it.
> I would even say, that maybe we should consider dropping the cookies in general, and instead move such feature to another layer like mutual TLS?

I think non-encrypted distribution over a safe network still has its use,
and that the cookies in this case as you say helps protect against accidental
connections to the wrong cluster.

> --
> Łukasz Niemier
> lukasz@REDACTED


/ Raimo Niskanen, Erlang/OTP, Ericsson AB

More information about the erlang-questions mailing list