> Why is it significantly easier to protect the key[s]
> used for the encryption than the storage itself?
one could always passphrase-protect the key, i.e. use symmetric encryption.
admittedly, this could potentially be brute-forced, but ... should be
good enough for most purposes?
For more information about ZODB, see the ZODB Wiki:
ZODB-Dev mailing list - ZODB-Dev@zope.org