[
https://issues.apache.org/jira/browse/DERBY-5792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13458055#comment-13458055
]
Dag H. Wanvik commented on DERBY-5792:
--------------------------------------
The model for attributes are unclear, but they fall into two main categories [1]
- operation (e.g. create, shutdown, restoreFrom)
- arguments for an operation (e.g. password)
There is precendence for no-op operations being ignored (dataEncryption=false
always, dataEncryption=true on 2..n connect) and for raising SQLWarning
(create=true on 2..n connect); the latter only in the embedded driver
(DERBY-5907).
Sometimes meaningless combinations of operations/arguments give errors, others
are ignored..
I guess we can't resolve this state of things easily now, but it would be good
to understand which way we should head with this....
In any case, I think of decrypting as an operation separate from encryption, so
I'd prefer it to have its own attribute.
It may be ignored on attempts 2..n, I guess. "decryptDatabase=true" seems fine
to me.
[1]
Operations
create=true attribute
createFrom=path attribute
dataEncryption=true attribute
failover=true attribute
restoreFrom=path attribute
shutdown=true attribute
rollForwardRecoveryFrom=path attribute
startMaster=true attribute
startSlave=true attribute
stopMaster=true attribute
stopSlave=true attribute
upgrade=true attribute
drop=true attribute
Arguments
bootPassword=key attribute
collation=collation attribute
databaseName=nameofDatabase attribute
deregister=false attribute
encryptionKey=key attribute
encryptionProvider=providerName attribute
encryptionAlgorithm=algorithm attribute
logDevice=logDirectoryPath attribute
newEncryptionKey=key attribute
newBootPassword=newPassword attribute
password=userPassword attribute
retrieveMessageText=false attribute
securityMechanism=value attribute
slaveHost=hostname attribute
slavePort=portValue attribute
ssl=sslMode attribute
territory=ll_CC attribute
traceDirectory=path attribute
traceFile=path attribute
traceFileAppend=true attribute
traceLevel=value attribute
user=userName attribute
> Make it possible to turn off encryption on an already encrypted database.
> -------------------------------------------------------------------------
>
> Key: DERBY-5792
> URL: https://issues.apache.org/jira/browse/DERBY-5792
> Project: Derby
> Issue Type: Improvement
> Components: JDBC, Store
> Affects Versions: 10.10.0.0
> Reporter: Rick Hillegas
> Assignee: Kristian Waagan
> Attachments: derby-5792-1a-boilerplate_and_preparation.diff
>
>
> Currently, you can encrypt an unencrypted database and you can change the
> encryption key on an already encrypted database. However, Derby does not
> expose a way to turn off (unencrypt) an already encrypted database.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
