[
https://issues.apache.org/jira/browse/FINERACT-1034?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17133713#comment-17133713
]
Michael Vorburger commented on FINERACT-1034:
---------------------------------------------
I've code reviewed [https://github.com/apache/fineract/pull/1032/] and have
just posted a number of technical review feedback there. But apart from that I
have more general "design" questions about the "bigger picture" which are
perhaps best discussed on this issue, outside of the PR:
The issue description above is fairly terse. After having reviewed the PR, I do
not yet understand the feature. So this will add a new API which will return a
public key, that is generated on the fly (with the private part of the key),
and has a limited lifetime. That key is not persisted, but ephemeral - so for
example when a server restart, which could happen at any time, would make the
server loose such a key (pair). The PR includes a Java method to decrypt - but
that method is not used anywhere, in the PR. So is that PR the first step of
more to come? Can we see it all? So far, I don't really understand how this
would be used - yet. Please help the project to better understand the proposed
feature, so that it can be maintained in the future?
[~ptuomola] & [~awasum] FYI
> RSA Encryption
> --------------
>
> Key: FINERACT-1034
> URL: https://issues.apache.org/jira/browse/FINERACT-1034
> Project: Apache Fineract
> Issue Type: Improvement
> Reporter: Manoj
> Assignee: Manoj
> Priority: Minor
> Fix For: 1.4.0
>
>
> Add RSA key generation API and decryption infra for requests that require
> encryption from source such as biometric, authentication etc.. Also create a
> self expiring keystore
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
