[jira] Commented: (DERBY-4493) encryptionAlgorithm is ignored at boot, but Documentation states it is required

Sat, 26 Dec 2009 15:25:56 -0800 

    [ 
https://issues.apache.org/jira/browse/DERBY-4493?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12794655#action_12794655
 ] 

Sven Pedersen commented on DERBY-4493:
--------------------------------------

Thanks, Bryan. It looks like you have explained and documented the
issue very well.
--Sven





-- 
``All that is gold does not glitter,
  not all those who wander are lost;
the old that is strong does not wither,
  deep roots are not reached by the frost.
>From the ashes a fire shall be woken,
  a light from the shadows shall spring;
renewed shall be blade that was broken,
  the crownless again shall be king.”


> encryptionAlgorithm is ignored at boot, but Documentation states it is 
> required
> -------------------------------------------------------------------------------
>
>                 Key: DERBY-4493
>                 URL: https://issues.apache.org/jira/browse/DERBY-4493
>             Project: Derby
>          Issue Type: Bug
>          Components: Documentation
>    Affects Versions: 10.5.3.0
>         Environment: Windows XP SP3 / JRE 1.5 / Derby 10.5.3.0 embedded.
>            Reporter: Sven Pedersen
>            Assignee: Bryan Pendleton
>            Priority: Minor
>
> The documentation @ 
> http://db.apache.org/derby/docs/10.5/devguide/tdevdvlp40140.html
> states that 
> "If the algorithm that was used when the database was created is not the 
> default algorithm, you must also specify the encryptionAlgorithm attribute"
> yet when I gave the wrong value of "DES/CBC/NoPadding", having created the 
> database with "DESede", it booted without a problem. I was concerned that it 
> might not have actually encrypted with the correct algorithm, given this Java 
> bug:
> http://forums.sun.com/thread.jspa?threadID=5129170&start=15
> I was concerned that it might not use strong (>128 bit) encryption. Other 
> people may be similarly concerned about what the documentation seems to say, 
> given the behavior of the code. I think that statement in quotes should be 
> removed entirely, and one stating something to the effect of 
> "Just supply the bootPassword or encryptionKey attributes to boot the 
> database."
> Should replace it.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to