Thank you Alex. I was hoping session key might be used to encrypt meta data. Thanks, Mary On Mon, Sep 23, 2024, 1:24 AM Alex Hussein-Kershaw (HE/HIM) < alexhus@xxxxxxxxxxxxx> wrote: > Feels like you answered your own question here - why not just use HTTPS > for your multisite sync? > > I'm not aware of any other encryption mechanisms for metadata (I guess > using SSE encryption for your data may save that going over in plain text) > and would assume that just using HTTP would indeed be a security risk. > > ------------------------------ > *From:* maryzhang0920@xxxxxxxxx <maryzhang0920@xxxxxxxxx> > *Sent:* Thursday, September 19, 2024 6:01 AM > *To:* ceph-users@xxxxxxx <ceph-users@xxxxxxx> > *Subject:* [EXTERNAL] Multisite sync: is metadata > transferred in plain text? > > Hi, > > We have a multisite Ceph configuration, with http (not https) sync > endpoints. Are all sync traffic in plain text? > We have concerns about metadata. For example, when syncing a newly created > user and its access key and secret key from the Master zone to a secondary > zone, is this traffic in plain text? If so, what are options to encrypt it? > > Thank you, > Mary > _______________________________________________ > ceph-users mailing list -- ceph-users@xxxxxxx > To unsubscribe send an email to ceph-users-leave@xxxxxxx > _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx