David Handermann created NIFI-9262:
--------------------------------------
Summary: Refactor Flow Property Encryption Property Names
Key: NIFI-9262
URL: https://issues.apache.org/jira/browse/NIFI-9262
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework, Security
Reporter: David Handermann
Assignee: David Handermann
Current terminology for some encryption capabilities within NiFi creates
unnecessary confusion due to reusing similar words. NiFi supports the following
property encryption capabilities:
1. Encryption of values in {{nifi.properties}} using the
{{SensitivePropertyProvider}} interface and implementations
2. Encryption of property values in flow components using the
{{PropertyEncryptor}} interface and implementations
The following two property names in {{nifi.properties}} define the behavior of
flow component property encryption:
1. {{nifi.sensitive.props.key}}
2. {{nifi.sensitive.props.algorithm}}
Although these two property names predate the {{SensitivePropertyProvider}}
interface, changing these property names would clarify their purpose within the
framework.
Introducing new property names should maintain backward compatibility. In
light of the fact that {{nifi.sensitive.props.key}} serves as the source for a
key derivation function, this might be better described as a password or
passphrase.
Potential options for renaming these properties include the following:
1. {{nifi.flow.property.encryption.password}}
2. {{nifi.flow.property.encryption.algorithm}}
These property names provide a strong association with NiFi Flow component
properties and avoid potential confusion associated with
{{SensitivePropertyProvider}} capabilities.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
