Re: value level encryption - Donating?

On Thu, 2017-12-14 at 17:12 +, Jason Bailey wrote: > Source is attached to the ticket with sha1 hash provided. Thanks! Finally got around it to it. Vote is started at https://lists.apache.org/thread.html/427cddf36770db63bd0efc9704edf715 ac72d5986f287fdb9a7f353b@%3Cdev.sling.apache.org%3E

RE: value level encryption - Donating?

Source is attached to the ticket with sha1 hash provided. -Jason -Original Message- From: Robert Munteanu [mailto:romb...@apache.org] Sent: Thursday, December 14, 2017 11:58 AM To: dev@sling.apache.org Subject: Re: value level encryption - Donating? EXTERNAL On Thu, 2017-12-14 at 16

Re: value level encryption - Donating?

On Thu, 2017-12-14 at 16:25 +, Jason Bailey wrote: > Robert - you mentioned " attach the bundle as a single archive > attached to SLING-7255" are you looking for the compiled bundle or a > repository archive? Sorry, that should be the source code :-) Robert

RE: value level encryption - Donating?

PM To: dev@sling.apache.org Subject: Re: value level encryption - Donating? EXTERNAL Hi again Jason, I took a quick look at the code and here are my suggestions before starting the official donation process: 1. Merge the two bundles into a single one The separation from an API point of view is sound, but I'

Re: value level encryption - Donating?

t; > > > > > > Current JIRA for donating > > > https://issues.apache.org/jira/browse/SLING-7255 > > > > > > Source Code for donation > > > https://github.com/JEBailey/sling-encrypt > > > > > > > > > -Original Message- > > >

Re: value level encryption - Donating?

//issues.apache.org/jira/browse/SLING-7255 > > > > Source Code for donation > > https://github.com/JEBailey/sling-encrypt > > > > > > -Original Message- > > From: Antonio Sanso [mailto:asa...@adobe.com.INVALID] > > Sent: Tuesday, December 05,

Re: value level encryption - Donating?

ed resources with the EncryptableValueMap > > and using the encrypt(propertyName) method. Which will re-encrypt > > the property with the new primary. > > > > I'm running with the AES/GCM because it provides the best overall > > security and fits my use cases and

Re: value level encryption - Donating?

support should alleviate some > concerns as well. > > -Jason > > -Original Message- > From: Antonio Sanso [mailto:asa...@adobe.com.INVALID] > Sent: Tuesday, November 21, 2017 5:37 AM > To: dev@sling.apache.org > Subject: Re: value level encryption - Donating? >

RE: value level encryption - Donating?

, November 21, 2017 5:37 AM To: dev@sling.apache.org Subject: Re: value level encryption - Donating? EXTERNAL hi Jason, I basically see 3 options: * ship with AES/CBC that is ok but suboptimal - ship with AES-GCM that is good but has the problem of the nonce highlighted before. The key rotation would

RE: value level encryption - Donating?

ct: Re: value level encryption - Donating? EXTERNAL Hi, On Mon, Nov 20, 2017 at 2:50 PM, Jason Bailey <jason.bai...@sas.com> wrote: > https://github.com/JEBailey/sling-encrypt ... Just a naming nitpick, I think EncryptableValueMap would be a more accurate name than EncryptionValueMa

RE: value level encryption - Donating?

Will work on that today. -Original Message- From: Bertrand Delacretaz [mailto:bdelacre...@apache.org] Sent: Tuesday, November 21, 2017 5:48 AM To: dev <dev@sling.apache.org> Subject: Re: value level encryption - Donating? EXTERNAL Hi, On Tue, Nov 21, 2017 at 11:37 AM, Antonio

RE: value level encryption - Donating?

Subject: Re: value level encryption - Donating? EXTERNAL hi Jason, I basically see 3 options: * ship with AES/CBC that is ok but suboptimal - ship with AES-GCM that is good but has the problem of the nonce highlighted before. The key rotation would help but than what do you do on rotation

Re: value level encryption - Donating?

Hi, On Mon, Nov 20, 2017 at 2:50 PM, Jason Bailey wrote: > https://github.com/JEBailey/sling-encrypt ... Just a naming nitpick, I think EncryptableValueMap would be a more accurate name than EncryptionValueMap. Also, isn't the use of a client-side form parameter like

Re: value level encryption - Donating?

Hi, On Tue, Nov 21, 2017 at 11:37 AM, Antonio Sanso wrote: >... I basically see 3 options:.. How about factoring out the actual encryption providers in separate bundles? This would allow us to accept this contribution and discuss them separately. The sling-encrypt

Re: value level encryption - Donating?

ent: Monday, November 20, 2017 3:07 PM > To: dev@sling.apache.org > Subject: Re: value level encryption - Donating? > > EXTERNAL > > hi Jason, > > I get your point > On Nov 20, 2017, at 4:57 PM, Jason Bailey <jason.bai...@sas.com> wrote: > >> Thanks Antonio. I had co

RE: value level encryption - Donating?

, 2017 3:07 PM To: dev@sling.apache.org Subject: Re: value level encryption - Donating? EXTERNAL hi Jason, I get your point On Nov 20, 2017, at 4:57 PM, Jason Bailey <jason.bai...@sas.com> wrote: > Thanks Antonio. I had considered doing GCM, but I hesitated since it's not > listed a

Re: value level encryption - Donating?

Monday, November 20, 2017 10:29 AM > To: dev@sling.apache.org > Subject: Re: value level encryption - Donating? > > EXTERNAL > > hi Jason, > > thanks a lot for the donation. > I already commented on the issue, just pasting inline part of the comment > though > > On

RE: value level encryption - Donating?

Message- From: Antonio Sanso [mailto:asa...@adobe.com.INVALID] Sent: Monday, November 20, 2017 10:29 AM To: dev@sling.apache.org Subject: Re: value level encryption - Donating? EXTERNAL hi Jason, thanks a lot for the donation. I already commented on the issue, just pasting inline part

Re: value level encryption - Donating?

hi Jason, thanks a lot for the donation. I already commented on the issue, just pasting inline part of the comment though On Nov 20, 2017, at 2:50 PM, Jason Bailey wrote: > So I'm just about done implementing this. > > https://github.com/JEBailey/sling-encrypt > > Value

Re: value level encryption - Donating?

Hi Jason, please first create an according JIRA and link the PR there. Thanks, Konrad > On 20. Nov 2017, at 14:50, Jason Bailey wrote: > > So I'm just about done implementing this. > > https://github.com/JEBailey/sling-encrypt > > Value level encryption. IV is stored

RE: value level encryption - Donating?

So I'm just about done implementing this. https://github.com/JEBailey/sling-encrypt Value level encryption. IV is stored inline so there's no repetition. Accessing encrypted data via the EncryptionValueMap will decode it automatically on access and will handle automatically encrypting values