Return-Path: Delivered-To: apmail-directory-dev-archive@www.apache.org Received: (qmail 27949 invoked from network); 15 Jan 2008 23:07:21 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 15 Jan 2008 23:07:21 -0000 Received: (qmail 73629 invoked by uid 500); 15 Jan 2008 23:07:10 -0000 Delivered-To: apmail-directory-dev-archive@directory.apache.org Received: (qmail 73590 invoked by uid 500); 15 Jan 2008 23:07:10 -0000 Mailing-List: contact dev-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Apache Directory Developers List" Delivered-To: mailing list dev@directory.apache.org Received: (qmail 73579 invoked by uid 99); 15 Jan 2008 23:07:10 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 15 Jan 2008 15:07:10 -0800 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of elecharny@gmail.com designates 72.14.220.158 as permitted sender) Received: from [72.14.220.158] (HELO fg-out-1718.google.com) (72.14.220.158) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 15 Jan 2008 23:06:43 +0000 Received: by fg-out-1718.google.com with SMTP id e12so32590fga.3 for ; Tue, 15 Jan 2008 15:06:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; bh=gae3WmdOEC9FmDYS+ZeUdTa4YK6V5Jn/samHoLBvk7A=; b=fef23x3FIXZM/Z0EVh2pNs2MweC4RKHpbDrQZHWsEP7+LO/bOF7RRlRw/jGuLLq0ZRj02BQFd4GsudR4ptHV23flkEFc+kEW95g/m0bogsiyDILAev0k6fRJi8KEHXB48Zq5V0ooPAzQoOD+eKuRvtPYpwjXM4PPgig5BELo498= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:content-type:content-transfer-encoding; b=gG2FygV2/gS4ZynqnQ+ZGFQyjoRpkDw6K1cIxCT/GXO9u28au6noy9a3tztN66lDhiw2T0eaKnH6cku1Zd0u5uW7axGK2O+sn9tZm1Hl+1sy7gXABJdUqoTn3n11WPpKW7Nx2tzXKiR9K36CP0eLeRWhGpTaCiPJx1Lhc2fXzqQ= Received: by 10.86.53.8 with SMTP id b8mr31032fga.64.1200438404893; Tue, 15 Jan 2008 15:06:44 -0800 (PST) Received: from ?192.168.0.1? ( [82.66.216.176]) by mx.google.com with ESMTPS id e20sm87347fga.1.2008.01.15.15.06.42 (version=TLSv1/SSLv3 cipher=RC4-MD5); Tue, 15 Jan 2008 15:06:43 -0800 (PST) Message-ID: <478D3C56.60408@gmail.com> Date: Wed, 16 Jan 2008 00:05:58 +0100 From: Emmanuel Lecharny User-Agent: Thunderbird 1.5.0.14pre (X11/20071023) MIME-Version: 1.0 To: Apache Directory Developers List Subject: Re: Entry serialization References: <478B92D6.1040300@gmail.com> <478B9778.7070905@levigo.de> <478B9A43.3090907@gmail.com> <478B9BB9.3020103@levigo.de> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit X-Virus-Checked: Checked by ClamAV on apache.org Alex Karasulu wrote: > Trying to get back on this. I got no response from the incubator PMC > on the email I sent regarding their advice on this situation. Perhaps > Emmanuel you can reping and ask if anyone can advise what to do here? Sure. Will do tomorrow. > > Alex > > On Jan 14, 2008 12:28 PM, J�rg Henne > wrote: > > Emmanuel Lecharny schrieb: > > J�rg Henne wrote: > >> Emmanuel Lecharny wrote: > >>> as I need to rewrite the serialization for ServerEntry, > >>> ServerAttribute, ServerValue, DN, RDN and > AttributeTypeAndValue, I > >>> have had some ideas, and I would like to know your opinion : > >>> > >>> - what about adding a flag to tell the serialization methods > (those > >>> classes are Externalizable) to encrypt/decrypt the data on disk ? > >>> Tis would be a much better solution than to define an encryption > >>> option to be added to all the attributes (like > >>> "cn;encrypted=fR5*za"). All the data will be encrypted before > being > >>> serialized to disk. It would be off by default, of course > >> To make the encryption cryptographically sound, the message to be > >> encrypted must be sufficiently random. In a scheme where each > entry > >> is encrypted individually, this requires an initialization vector > >> (i.e. some random bits) which amounts to relatively high percentage > >> of wasted space. A scheme where the encryption happens in larger > >> chunks (e.g. B-Tree nodes or pages) will typically have better > >> "randomness" in the first place and reduce the space wasted by > the iv. > >> I don't know how the storage engine works at the bottom end, > but I'd > >> guess that this would be a better place to do encryption. > > The idea is not to build a 100% secure system. There are better ways > > to do that (for instance, relying on an encrypted file system on > > linux, etc). > > > > The thing is that with an encryption on entries, during the > > serialization, we will be able to keep an encrypted version of an > > entry on disk AND in memory, as we store the read entry in a cache. > > > > Let's say it's a step in the right direction for people who want > some > > better security when it comes to store personal data, which is > likely > > with a LDAP server. > Right, as long as the goal is just to hide things from casual > "observers" and to fend off low-tech attackers with hex-editors, > there's > nothing wrong with your approach. > > Joerg Henne > > > > -- -- cordialement, regards, Emmanuel L�charny www.iktek.com directory.apache.org