[Koha-bugs] [Bug 34976] Encryption keys should not be shared between modules
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Oct 4 00:35:14 CEST 2023
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=34976
--- Comment #2 from David Cook <dcook at prosentient.com.au> ---
Having a single master key isn't uncommon, but it could be nice to be able to
have multiple encryption keys and to specify which one is needed for what
feature.
I think that this mechanism could be especially useful for key rotation. (I
notice Marcel has already commented on bug 32078 where we had talked a bit
about key rotation.) I've used other systems where I've rotated encryption keys
in this way.
Another future use could be data interchange. Perhaps you'd want to share
encrypted data with another system without giving that other system your master
key. You could just encrypt that particular information with a shared key while
keeping most other data encrypted using a master key. This scenario is pretty
hypothetical though.
--
You are receiving this mail because:
You are watching all bug changes.
You are the assignee for the bug.
More information about the Koha-bugs
mailing list