[Glass] Some basic internal questions about Encryption
Norm Green
norm.green at gemtalksystems.com
Thu May 13 10:16:57 PDT 2021
Hi Bruno,
Each extent and tranlog has it's own (symmetric) session key, stored in
the file in encrypted format.
Each session keys for each extent and tranlog is (asymetric) encrypted
with the same public key and (asymetric) decrypted with the same private
key (the private key used to start the stone).
So you only need 1 public/private key pair to access any extent or
tranlog, but the session key for each extent or tranlog is different.
Does that make sense?
Norm
On 5/13/2021 10:07 AM, Bruno Buzzi Brassesco via Glass wrote:
> Hi,
>
> After reading the SysAdminGuide on encryption I have a couple of
> questions to clarify some concepts:
> 1) Are Tranlogs encrypted with the same key passed as argument to
> startstone ?
> (I think not, from manual:"Transaction logs written by a Stone using
> encrypted extents are written in encrypted form, using the same
> keypair as the extents.")
> Maybe my confusion is with the Sessions keys of each extent...
>
> 2) If there are multiple extents then which key pair is used to
> encrypt the tranlog ?
> (because each extent has it own key, from manual: "Each extent has its
> own unique session key.")
>
> regards,
> bruno
>
> _______________________________________________
> Glass mailing list
> Glass at lists.gemtalksystems.com
> https://lists.gemtalksystems.com/mailman/listinfo/glass
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gemtalksystems.com/mailman/private/glass/attachments/20210513/6ee5b1cd/attachment.htm>
More information about the Glass
mailing list