There are a lot of cases where it would be great for a worker to be able to communicate directly to nimbus, supervisors, or drpc servers in a secure way out of the box.
This is currently a pain to make work. The user has to ship a TGT with their topology, and continually keep it up to date with credentials-push. They also need a kind of hacked up jaas.conf to grab the TGT from AutoTGT and put it in the place that he client wants it.
We should just generate a signed data structure (aka delegation token from hadoop) that we can had off to the topologies to use when talking to nimbus, a supervisor, or drpc servers.
We may want to split up the different services from each other to make an attack against one not hit all of them, but that is something we can think about with the design of this.
I will try to come up with a design shortly.