That's an interesting idea. It still does the same job -- keeps a version associated with the value, but perhaps more elegantly (or at least fewer columns). I'll have to ponder that a bit to see if I can think of any glaring gotchas with doing it that way, but I'm not aware of anything offhand.
You reminded me of something else. When using encryption, your fields are going to need to be larger than normal. For example, a 9-digit social security number will need to be more than a varchar2(9) in the database. Thanks! mrg On Tue, Feb 10, 2009 at 1:34 PM, Mike Kienenberger <[email protected]> wrote: > It's been pointed out to me that you don't need a separate version column. > More than likely you'll be encoding the encrypted value, and you can > prefix that value with the version. > > For example, ':' is not a valid Base64 character, so the encryption > string could just be prefixed with the key version if you encode in > Base64.
