db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mamta A. Satoor (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-4493) encryptionAlgorithm is ignored at boot, but Documentation states it is required
Date Mon, 24 Jun 2013 20:24:20 GMT

    [ https://issues.apache.org/jira/browse/DERBY-4493?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13692333#comment-13692333
] 

Mamta A. Satoor commented on DERBY-4493:
----------------------------------------

There has been no activity on this jira for a very long time. I think Bryan suggested some
doc changes in the link he provided above.
                
> encryptionAlgorithm is ignored at boot, but Documentation states it is required
> -------------------------------------------------------------------------------
>
>                 Key: DERBY-4493
>                 URL: https://issues.apache.org/jira/browse/DERBY-4493
>             Project: Derby
>          Issue Type: Bug
>          Components: Documentation
>    Affects Versions: 10.5.3.0
>         Environment: Windows XP SP3 / JRE 1.5 / Derby 10.5.3.0 embedded.
>            Reporter: Sven Pedersen
>            Assignee: Bryan Pendleton
>            Priority: Minor
>
> The documentation @ http://db.apache.org/derby/docs/10.5/devguide/tdevdvlp40140.html
> states that 
> "If the algorithm that was used when the database was created is not the default algorithm,
you must also specify the encryptionAlgorithm attribute"
> yet when I gave the wrong value of "DES/CBC/NoPadding", having created the database with
"DESede", it booted without a problem. I was concerned that it might not have actually encrypted
with the correct algorithm, given this Java bug:
> http://forums.sun.com/thread.jspa?threadID=5129170&start=15
> I was concerned that it might not use strong (>128 bit) encryption. Other people may
be similarly concerned about what the documentation seems to say, given the behavior of the
code. I think that statement in quotes should be removed entirely, and one stating something
to the effect of 
> "Just supply the bootPassword or encryptionKey attributes to boot the database."
> Should replace it.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message