On 21/05/18 14:35, Phil Stracchino wrote: > What MySQL (from mid-5.7 on) does for tablespace encryption might be of > note here. MySQL uses a fixed table key for each encrypted InnoDB > table, but encrypts the table keys with a master key which is > periodically rotated. This allows regular rotation of the master > encryption key that protects all of the table keys, without having to > decrypt and re-encrypt possibly terabytes of table data.
The equivalent in PGP is to replace the asymmetric encryption layer but keep the same symmetric session key. But this assumes that the symmetric encryption remains sound. In the efail scenaroio at least, we also probably want to replace the symmetric algorithm (3DES, CAST5). -- Andrew Gallagher
signature.asc
Description: OpenPGP digital signature
_______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
