db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Suresh Thalamati (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-1636) document encryption of an un-encrypted database and re-encryption with new password/key.
Date Fri, 18 Aug 2006 19:41:15 GMT
    [ http://issues.apache.org/jira/browse/DERBY-1636?page=comments#action_12429100 ] 
            
Suresh Thalamati commented on DERBY-1636:
-----------------------------------------

Thanks a lot Laura. I have few minor comments, It would be great if you 
can make the following changes.  
 
   
Developers Guide:
------------------

tdevcsecurenewbootpw.html : (Encrypting databases with a new boot password)
-----------

1) one case where new boot password can not be used is not mentioned here. 
(It is documented in the external case). please add the following too :

"
If the database is configured with log archival for roll-forward recovery, you
must disable log archival before you can encrypt the database with a new boot password. 
"



2) additional disk space requirement is not mentioned here. ( it is documented 
in the external key)  


"Recommendation: Ensure that you have enough free disk space before you encrypt
a database with a new boot password. In addition to the disk space required for
the current size of the database, temporary disk space is required to store the
old version of the data to restore the database back to it's original state if
the new encryption is interrupted or returns errors. All of the temporary disk 
space is released back to the operating system after the database is
reconfigured to work with the new boot password."



3) 
"To encrypting"   does not sound good:   can 
we change it to : "To encrypt a database with a new boot password:



tdevcsecurenewextkey.html : (Encrypting databases with a new external key
)

1)
Following point about backup recommendation is out of place, please move it to 
before the example. 

"
If you disabled log archival before you applied the new encryption key, create
a new backup of the database  after the database is reconfigured with new the
encryption key. 
"


tdevcsecureunencrypteddb.html (Encrypting an existing database)
---------------------------------------------------------------

1)
please move the last point about the backup to  before the example, 
it looks out of context immediately after the example:

"
If you disabled log archival before you encrypted the database, create a new
backup of the database after the database is encrypted. 
"


cdevcsecure97760.html (Working with encryption)
---------------------------------------------------

1) 
Following sentence is not necessary in (Encrypting databases with a new
external key link) 

"The new encryption key encrypts the database, including the existing data"



Reference Manual :
------------------

rrefattrib60346.html (encryptionAlgorithm=algorithm)
"
Combining with other attributes
The encryptionAlgorithm attribute must be combined with the bootPassword=key, 
dataEncryption=true, and encryptionProvider=providerName attributes.
"

encryptionProvider is not must to specify and encryptionAlgorithm. Above
sentence should be changed to something like :

The encryptionAlgorithm attribute must be combined with the bootPassword=key,
dataEncryption=true attributes. You have the option of also specifying 
encryptionProvider=providerName attribute to specify the encryption provider of
the algorithm.


 
rrefattribnewencryptkey.html (newEncryptionKey= <new encryption key>)
-------------------------------------------------------------------

look like reference link is messed up in the following sentence. 
"
The newEncryptionKey attribute must be combined with the
rrefattribencryptkey.html#rrefattribencryptkey attribute.
"


> document   encryption of an un-encrypted database and re-encryption with new password/key.
> ------------------------------------------------------------------------------------------
>
>                 Key: DERBY-1636
>                 URL: http://issues.apache.org/jira/browse/DERBY-1636
>             Project: Derby
>          Issue Type: Improvement
>          Components: Documentation
>    Affects Versions: 10.2.1.0
>            Reporter: Suresh Thalamati
>         Assigned To: Laura Stewart
>             Fix For: 10.2.1.0
>
>         Attachments: derby1636_devguide.diff, derby1636_devguide_html.zip, derby1636_ref.diff,
derby1636_ref_html.zip, reencrypt_devgudechanges.txt, reencryptspec_1.html
>
>
> document   encryption of an un-encrypted database and re-encryption with new password/key.


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message