Re: [Firebird-devel] Key holder is not used if keyCallback() returned 0

Mon, 14 May 2018 06:35:41 -0700 

On 05/14/18 15:58, Dimitry Sibiryakov wrote:

14.05.2018 14:28, Alex Peshkoff via Firebird-devel wrote:
  Number of combination growth as N^2 at least. Writing of separate plugins for each possible use case is... boring. 


What combinations? Key holder may need to establish connection to 
client or may not. I see 2 cases here.


  Ok, you are right, it is not N^2, just N*2.

A keyholder that pass-through key directly from application.
A keyholder that contain key itself.

A keyholder that contain encrypted key and require passphrase from 
application.

A keyholder that reads key from predefined file.
A keyholder that reads key from file defined from application.

A keyholder that reads key from predefined file and require passphrase 
from application
A keyholder that reads key from file defined by application and 
require passphrase.



  Add here more places where key can be stored in and you'll get 
snowball.



  When you must write each of these plugins or put all plugins into 
single module and add records about each of them into plugins.conf 
(because otherwise it won't work) or explain to an ordinary user how 
to configure this zoo for each encrypted database separately, you will 
feel pity that CORE-4482 is never going to be implemented.






I certainly agree that there may be a lot of types of key holders but 
I've just said that some key holders may need tp talk to client, others 
- not.
What about particular kinds of KH certainly we can have an unlimited 
number of them - just generate new private/public keys pair for data 
exchange or treat each password as separate kind of KH. :-)
But I do not see how is it related with generic part of data exchange 
rules when transferring a key.


PPS. Also I can't imagine people having 7 types of KH on single server :)


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel






















					Reply via email to