TLS - traffic security

[glycerine]

Is any of the mysql, thrift client-to-node, or inter-node traffic in actordb secured with TLS/certs?

If not, how could I add such protection?

(shared secret encryption would be okay as well; if certs are too complex).

[SergejJurecko]

We considered it, but never came to the conclusion it's worth the effort and overhead. Of course we can always be persuaded otherwise from someone with a use case we did not consider.

[glycerine]

is all inter-node traffic at least using the erlang shared-secret? It looks like it is, and if there is no other tcp/udp outside erlang, that would be at least some comfort.

[SergejJurecko]

Hardly any. Erlang protocol is completely insecure anyway.

[glycerine]

okay. Thanks @SergejJurecko for clarifying the situation. For on-premise installs, when you are self-hosting, this makes perfect sense.

This was the information I was looking for. I'll close the issue.