ignite-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Artem Budnikov (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (IGNITE-8871) TDE - Phase-1. Documentation
Date Fri, 02 Nov 2018 11:56:00 GMT

    [ https://issues.apache.org/jira/browse/IGNITE-8871?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16673011#comment-16673011

Artem Budnikov commented on IGNITE-8871:


I've read the IEP-18 description in Ignite Wiki and have some questions with regard to implementation
details. Is the page up to date? Could you please provide information on the following questions:

0) Are there any requirements for the master encryption key? 
1) Do I get it right that Cache Encryption Key is generated when the cache is started the
first time and then stored in an encrypted form in a system cache?
2) Is SSL connection between node required for TDE to work or will it work without it? I tried
to start a cluster without SSL configured and it launched just fine. 
3) You have this phrase in the wiki: "MEK must be decrypted by an administrator during cluster
activation."  What actions are required from the administrator? 
4) Similarly, "Administrator sends the password via SSL for MEK decryption to any server node."
What does the administrator need to do to send the password? 
5) Is the master key exchanged between the nodes?

> TDE - Phase-1. Documentation
> ----------------------------
>                 Key: IGNITE-8871
>                 URL: https://issues.apache.org/jira/browse/IGNITE-8871
>             Project: Ignite
>          Issue Type: Sub-task
>          Components: documentation
>    Affects Versions: 2.5
>            Reporter: Nikolay Izhikov
>            Assignee: Artem Budnikov
>            Priority: Major
>              Labels: documentation
>             Fix For: 2.7
> TDE feature should be documented.

This message was sent by Atlassian JIRA

View raw message