db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rick Hillegas <rick.hille...@oracle.com>
Subject Re: Do we need a separate Loggable for an unencryption operation?
Date Wed, 24 Oct 2012 13:16:14 GMT
On 10/17/12 10:18 AM, Rick Hillegas wrote:
> When Kristian implemented database unencryption, I believe that he 
> just piggybacked on top of the existing re-encryption logic. This 
> means that unencryption records an EncryptContainerUndoOperation in 
> the transaction log just as re-encryption does. Does anyone see a 
> compelling reason to create a new UnencryptContainerUndoOperation for 
> unencryption in order to distinguish it from re-encryption?
>
> Thanks,
> -Rick
>
Here is my opinion. Derby now supports 3 encryption-related state 
transitions:

1) Unencrypted -> Encrypted

2) Encrypted -> Re-encrypted

3) Encrypted -> Unencrypted

Encryption has been part of Derby since it was open-sourced. In that 
period it has been sufficient to use one log entry format for both (1) 
and (2). That suggests we're not going to need another log entry format 
for (3). We can always write upgrade logic if we ever need to introduce 
a new log entry format in order to tease apart these state transitions. 
Creating a new log entry format strikes me as a chunk of work that is 
not motivated by any compelling evidence. So I recommend that we stick 
with what Kristian has done and use the same log entry format for all 
three state transitions.

Thanks,
-Rick

Mime
View raw message