chibenwa commented on code in PR #2505: URL: https://github.com/apache/james-project/pull/2505#discussion_r1860115002
########## src/adr/0071-objectstorage-sse-c.md: ########## @@ -31,20 +30,19 @@ Enabling SSE-C is fully optional. By default, it is disabled and requires config ### Benefits -- Performance Improvement: SSE-C takes advantage of S3’s security capabilities without taxing James’s CPU. +- Potential Performance Improvement: SSE-C leverages S3’s security capabilities, potentially reducing CPU load on James servers by offloading encryption and decryption tasks to S3. - Security: Provides robust security without fully shifting encryption to the client or to S3 alone. ### Limitations -- Incompatibility with Deduplication feature. - Data Migration Challenges: Currently, S3 APIs do not support migrating encrypted data from AESBlobStoreDAO (client-side encryption) to the new SSE-C endpoint. -- Replication: SSE-C does not support bucket replication. -- SSE-C is less secure than AESBlobStoreDAO (Client-Side Encryption). +- Replication: Some object storage provider does not support bucket replication when enable SSE-C. Eg: OVH Object Storage, S3-Minio only support from version 2024-03-30. +- SSE-C may be considered less secure than AESBlobStoreDAO (Client-Side Encryption) because the encryption key must be provided to the S3 service for encryption and decryption operations. Review Comment: Let's say that with SSE-C the S3 storage provider do not persist the keys. It's an important nuance. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: notifications-unsubscr...@james.apache.org For additional commands, e-mail: notifications-h...@james.apache.org
