[
https://issues.apache.org/jira/browse/DERBY-5792?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13458117#comment-13458117
]
Kristian Waagan commented on DERBY-5792:
----------------------------------------
---- Kim ----
The one-time operation point seems a bit less compelling, if my guess (just a
guess) is correct that "dataEncryption=true" is also a one-time operation? Or
can you re-encrypt an encrypted database, changing from, say, one encryption
algorithm to another? Would that work, or would it totally mess up your
database? Anyway, I think reducing the possibility of confusion is desirable.
----
Actually, dataEncryption isn't considered a one-time operation, although for
the end user it appears to be so:
a) We save dataEncryption=true in service.properties. Even if you specify
dataEncryption=false when connecting, we will read dataEncryption=true if the
database is [already] encrypted.
b) You can re-encrypt [1] an encrypted database, but I haven't checked if you
have to specify dataEncryption=true or only newBootPassword/newEncryptionKey
(with bootPassword to access the database in addition) to do so.
As for attribute handling, I'm going for what seems to be the default action:
o ignore attributes when they don't cause any trouble, for instance
decryptDatabase=true on an un-encrypted or booted database. One could argue the
latter case deserves a warning.
o raise an exception if the attributes are truly conflicting
(dataEncryption=true;decryptDatabase=true on an un-encrypted database,
decryptDatabase=true;createFrom=myEncryptedDb)
[1] I'd have to look at the code / docs again to say exactly what re-encrypt
entails in all cases. I seem to recall some differences between using the boot
attributes and the system procedure for changing the boot password.
> Make it possible to turn off encryption on an already encrypted database.
> -------------------------------------------------------------------------
>
> Key: DERBY-5792
> URL: https://issues.apache.org/jira/browse/DERBY-5792
> Project: Derby
> Issue Type: Improvement
> Components: JDBC, Store
> Affects Versions: 10.10.0.0
> Reporter: Rick Hillegas
> Assignee: Kristian Waagan
> Attachments: derby-5792-1a-boilerplate_and_preparation.diff
>
>
> Currently, you can encrypt an unencrypted database and you can change the
> encryption key on an already encrypted database. However, Derby does not
> expose a way to turn off (unencrypt) an already encrypted database.