On 05/20/18 16:28, Phil Pennock wrote: > 4. Get together actual MUA maintainers who are users of the GnuPG > code-base in a mailing-list and hammer out details of "what should be > done about old mail". Cryptographers have long said to decrypt > inbound mail and re-encrypt it to a storage key, which can > periodically be rotated, but AFAIK mail-clients don't have sane ways > to do this.
What MySQL (from mid-5.7 on) does for tablespace encryption might be of note here. MySQL uses a fixed table key for each encrypted InnoDB table, but encrypts the table keys with a master key which is periodically rotated. This allows regular rotation of the master encryption key that protects all of the table keys, without having to decrypt and re-encrypt possibly terabytes of table data. -- Phil Stracchino Babylon Communications [email protected] [email protected] Landline: +1.603.293.8485 Mobile: +1.603.998.6958
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
