[
https://issues.apache.org/jira/browse/IGNITE-8871?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16673011#comment-16673011
]
Artem Budnikov commented on IGNITE-8871:
----------------------------------------
[~NIzhikov]
I've read the IEP-18 description in Ignite Wiki and have some questions with
regard to implementation details. Is the page up to date? Could you please
provide information on the following questions:
0) Are there any requirements for the master encryption key?
1) Do I get it right that Cache Encryption Key is generated when the cache is
started the first time and then stored in an encrypted form in a system cache?
2) Is SSL connection between node required for TDE to work or will it work
without it? I tried to start a cluster without SSL configured and it launched
just fine.
3) You have this phrase in the wiki: "MEK must be decrypted by an administrator
during cluster activation." What actions are required from the administrator?
4) Similarly, "Administrator sends the password via SSL for MEK decryption to
any server node." What does the administrator need to do to send the password?
5) Is the master key exchanged between the nodes?
> TDE - Phase-1. Documentation
> ----------------------------
>
> Key: IGNITE-8871
> URL: https://issues.apache.org/jira/browse/IGNITE-8871
> Project: Ignite
> Issue Type: Sub-task
> Components: documentation
> Affects Versions: 2.5
> Reporter: Nikolay Izhikov
> Assignee: Artem Budnikov
> Priority: Major
> Labels: documentation
> Fix For: 2.7
>
>
> TDE feature should be documented.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
