Return-Path: Delivered-To: apmail-db-derby-user-archive@www.apache.org Received: (qmail 82918 invoked from network); 16 Jun 2007 05:24:10 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 16 Jun 2007 05:24:10 -0000 Received: (qmail 18003 invoked by uid 500); 16 Jun 2007 05:24:12 -0000 Delivered-To: apmail-db-derby-user-archive@db.apache.org Received: (qmail 17972 invoked by uid 500); 16 Jun 2007 05:24:12 -0000 Mailing-List: contact derby-user-help@db.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: List-Id: Reply-To: "Derby Discussion" Delivered-To: mailing list derby-user@db.apache.org Received: (qmail 17960 invoked by uid 99); 16 Jun 2007 05:24:12 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 15 Jun 2007 22:24:12 -0700 X-ASF-Spam-Status: No, hits=0.6 required=10.0 tests=NO_REAL_NAME X-Spam-Check-By: apache.org Received-SPF: pass (herse.apache.org: local policy) Received: from [65.195.181.55] (HELO dbrack01.segel.com) (65.195.181.55) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 15 Jun 2007 22:24:08 -0700 Received: from Desktop02 (desktop02.segel.com [65.195.181.45]) by dbrack01.segel.com (Postfix - We shoot spammers on site.) with ESMTP id 34CA452536; Sat, 16 Jun 2007 00:36:49 -0500 (CDT) Reply-To: From: Sender: "Michael Segel" To: "'Derby Discussion'" , Subject: RE: User/password encryption and deployment Date: Sat, 16 Jun 2007 00:29:03 -0500 Organization: MSCC MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 In-Reply-To: <20070616053142.E614652534@dbrack01.segel.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 Thread-Index: Acev1YBf6WM0fVLtTY2GUjnQFOQZnQAADHaQAABRDqA= Message-Id: <20070616053649.34CA452536@dbrack01.segel.com> X-Virus-Checked: Checked by ClamAV on apache.org Just to follow up to my own post... http://db.apache.org/derby/docs/10.2/adminguide/tadminapps811695.html) Unless my tired eyes deceive me... (Its 12:30am and its been a long day...), This deals with encryption of the database and not encryption between the client and the database. > -----Original Message----- > From: Michael Segel [mailto:msegel@segel.com] > Sent: Saturday, June 16, 2007 12:24 AM > To: 'Derby Discussion' > Subject: RE: User/password encryption and deployment > > > > > -----Original Message----- > > From: Bill Shannon [mailto:bill.shannon@sun.com] > > Sent: Saturday, June 16, 2007 12:04 AM > > To: Derby Discussion > > Subject: Re: User/password encryption and deployment > > > > derby@segel.com wrote: > > > Maybe I am missing something but what exactly are you encrypting? > > > > > > SSL is transmission from client to server over the net. > > > > > > Derby is Cloudscape till 2008 when IBM cuts loose. > > > > > > So are you trying to use an encryption data type? > > > > > > And how strong of an encryption do you want? > > > > I think the idea is to protect the communication between the client > > and the server so that passwords aren't sent in the clear. None of > > the data being stored in the database is being encrypted, just the > > client/server communication. > > > > It *is* 2007. Isn't this pretty much standard by now? > > Uhm well, one would think. > > Which is why I'm a little suspect that the *only* way to do encryption on > the wire is to be forced to bring in IBM's JCE. > > I'll admit I haven't looked at this issue in depth, just trying to > understand the use case and see if its beyond encrypting the session ... > > > > >