[Glass] Some basic internal questions about Encryption
Bruno Buzzi Brassesco
bruno.brasesco at gmail.com
Thu May 13 11:00:53 PDT 2021
Norm,
Each extent and tranlog has it's own (symmetric) session key, stored in the
> file in encrypted format.
> Each session keys for each extent and tranlog is (asymetric) encrypted
> with the same public key and (asymetric) decrypted with the same private
> key (the private key used to start the stone).
> So you only need 1 public/private key pair to access any extent or
> tranlog, but the session key for each extent or tranlog is different.
>
This clarifies all my doubts. Consider adding these sentences to
SysAdminGuide :)
regards,
bruno
El jue, 13 may 2021 a las 14:07, Bruno Buzzi Brassesco (<
bruno.brasesco at gmail.com>) escribió:
> Hi,
>
> After reading the SysAdminGuide on encryption I have a couple of questions
> to clarify some concepts:
> 1) Are Tranlogs encrypted with the same key passed as argument to
> startstone ?
> (I think not, from manual:"Transaction logs written by a Stone using
> encrypted extents are written in encrypted form, using the same keypair as
> the extents.")
> Maybe my confusion is with the Sessions keys of each extent...
>
> 2) If there are multiple extents then which key pair is used to encrypt
> the tranlog ?
> (because each extent has it own key, from manual: "Each extent has its own
> unique session key.")
>
> regards,
> bruno
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gemtalksystems.com/mailman/private/glass/attachments/20210513/176d00c7/attachment.htm>
More information about the Glass
mailing list