FIPS compliance of the org.apache.kafka:kafka-clients artifact.

a0x8o / kafka

A high-throughput, distributed, publish-subscribe messaging system

Apache License 2.0

66 stars 172 forks source link

FIPS compliance of the org.apache.kafka:kafka-clients artifact. #58

Open fburman-mule opened 9 months ago

fburman-mule commented 9 months ago

There are three security providers added by the artifact and there's no official documentation that explain wether these are FIPS 140-2 compliant.

org.apache.kafka.common.security.plain.internals.PlainSaslServerProvider org.apache.kafka.common.security.scram.internals.ScramSaslClientProvider org.apache.kafka.common.security.scram.internals.ScramSaslServerProvider

Is there any docs about this?

acurci-at-mulesoft commented 1 week ago

I am also interested in documentation on this subject.