db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Suresh Thalamati (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-1636) document encryption of an un-encrypted database and re-encryption with new password/key.
Date Fri, 25 Aug 2006 20:36:23 GMT
    [ http://issues.apache.org/jira/browse/DERBY-1636?page=comments#action_12430617 ] 
            
Suresh Thalamati commented on DERBY-1636:
-----------------------------------------

Thanks Laura, updates looks good. I reviewed both the reference manual and  the developer
guide changes. I have few minor comments in the developer guide,  it would be great if you
can look into them. 


ip\cdevcsecure97760.html (Working with encryption)
--------------------------------------------------

In the following sentence , please change "boot key" to "boot password" (
I know that is not best one - but let us be consistent)

You can apply a new encryption key to a Derby database by specifying a new boot
key or a new external key.

change it to :

You can apply a new encryption key to a Derby database by specifying a new boot
password  or a new external key.



tdevcsecurenewbootpw.html:(Encrypting databases with a new boot password)
------------------------------------------------------------------------

you might want to add :

"To encrypt a database  with a new boot password:"

before 

Specify the newEncryptionKey attribute in a URL and reboot the database. For  .....


tdevcsecurenewkeyoverview.html (Encrypting database with new key):
-------------------------------------------------------------------


1) Please change the phrase in the first paragraph : 

"after the new encryption key is implemented but " 

to

"after the database is encrypted with the new encryption key but "



2) 

Can we replaces the following two sentence"

"
To encrypt a database with a new key:

Choose the type of key that you want to use to encrypt the database: 
"

With 

"
To encrypt a database with a new encryption key, one need to specify the 
new boot password or the new external encryption key depending on whether 
the database is currently encrypted using a boot password or 
the external encryption key. 
"


FYI (NOT FOR DOCUMENTATION) : User does not have choice, 
derby does not support switching  between  external encryption key 
and the boot password. 


3)

Last two points/links seems to be duplicates of the previous two links. 
I think we should remove them.

"
Encrypting databases with a new boot password
You can apply a new boot password to a Derby database by specifying the newBootPassword attribute
on the connection URL when you boot the database. 
Encrypting databases with a new external key
You can apply a new external encryption key to a Derby database by specifying the newEncryptionKey
attribute on the connection URL when you boot the database. 
"

4)

In the following sentence "external database" is incorrect,
 
it should be "external encryption key"
 
"To encrypt the database with a new external database, use the newEncryptionKey attribute.
"

should be : 

To encrypt the database with a new external encryption key, use the newEncryptionKey attribute.




tdevcsecureunencrypteddb.html(Encrypting an existing unencrypted database):
---------------------------------------------------------------------------

In this section, I think it would be better to say external encryption key , instead 
of just "encryption key". 

1) 

In the following sentences,  "encryption key" should be changed to "external
encryption key".

1) you can specify whether the database should be encrypted using a boot
   password or an encryption key
2) you might not be able to boot the database without the boot password or
   encryption key.

3) you should try to boot the database with the boot password or the encryption
   key


Note : PLEASE DO NOT CHANGE THE ATTRIBUTE NAME , it is still encryptionKey  ; for
historical reasons. 



2)  In  following sentence it would be easier to read:
"after the database is encrypted "  instead of "after the encryption is implemented"


If the interruption occurs immediately after the encryption is implemented but 

to 

If the interruption occurs immediately after the database is encrypted  but 



tdevdvlp14496.html ( Encrypting a database when you create it):
----------------------------------------------------------------

In this section, the is is no information about external encryption key.

I think the following sentence should be changed to reflect that:

"To do this, you use the dataEncryption=true attribute to turn on encryption
and the bootPassword=key attribute to specify a key for the encryption."

to 

"To do this, you use the dataEncryption=true attribute to turn on encryption
and the bootPassword attribute or the encryptionKey  attribute to specify
a encryption key for the encryption."










> document   encryption of an un-encrypted database and re-encryption with new password/key.
> ------------------------------------------------------------------------------------------
>
>                 Key: DERBY-1636
>                 URL: http://issues.apache.org/jira/browse/DERBY-1636
>             Project: Derby
>          Issue Type: Improvement
>          Components: Documentation
>    Affects Versions: 10.2.1.0
>            Reporter: Suresh Thalamati
>         Assigned To: Laura Stewart
>             Fix For: 10.2.1.0
>
>         Attachments: derby1636_devguide.diff, derby1636_devguide2.diff, derby1636_devguide3.diff,
derby1636_devguide_html.zip, derby1636_devguide_html2.zip, derby1636_devguide_html3.zip, derby1636_ref.diff,
derby1636_ref2.diff, derby1636_ref_html.zip, derby1636_ref_html2.zip, reencrypt_devgudechanges.txt,
reencryptspec_1.html, toc.html
>
>
> document   encryption of an un-encrypted database and re-encryption with new password/key.


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message