db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kim Haase (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (DERBY-4493) encryptionAlgorithm is ignored at boot, but Documentation states it is required
Date Mon, 01 Jul 2013 14:32:21 GMT

     [ https://issues.apache.org/jira/browse/DERBY-4493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Kim Haase resolved DERBY-4493.

          Resolution: Fixed
       Fix Version/s:
    Issue & fix info:   (was: Newcomer)

We did a major overhaul of the database-encryption documentation for 10.10 (see DERBY-1721),
and this topic actually went away -- we put all the info in one section instead of scattering
it. I think it is safe to mark this issue as resolved.
> encryptionAlgorithm is ignored at boot, but Documentation states it is required
> -------------------------------------------------------------------------------
>                 Key: DERBY-4493
>                 URL: https://issues.apache.org/jira/browse/DERBY-4493
>             Project: Derby
>          Issue Type: Bug
>          Components: Documentation
>    Affects Versions:
>         Environment: Windows XP SP3 / JRE 1.5 / Derby embedded.
>            Reporter: Sven Pedersen
>            Priority: Minor
>              Labels: derby_triage10_11
>             Fix For:
> The documentation @ http://db.apache.org/derby/docs/10.5/devguide/tdevdvlp40140.html
> states that 
> "If the algorithm that was used when the database was created is not the default algorithm,
you must also specify the encryptionAlgorithm attribute"
> yet when I gave the wrong value of "DES/CBC/NoPadding", having created the database with
"DESede", it booted without a problem. I was concerned that it might not have actually encrypted
with the correct algorithm, given this Java bug:
> http://forums.sun.com/thread.jspa?threadID=5129170&start=15
> I was concerned that it might not use strong (>128 bit) encryption. Other people may
be similarly concerned about what the documentation seems to say, given the behavior of the
code. I think that statement in quotes should be removed entirely, and one stating something
to the effect of 
> "Just supply the bootPassword or encryptionKey attributes to boot the database."
> Should replace it.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

View raw message