Hi,
On Wed, Oct 29, 2014 at 1:02 AM, Udara Liyanage <ud...@wso2.com> wrote:
> Hi,
>
> Isn't is better to encrypt fields of the file rather than the whole file
> like we do in secure vault. Please correct me if I am wrong since I am not
> well aware of the exact use case
>
1. Yes, we are to only encrypt the property value.
Adding more information, as I know the plan is to define something like
below in the file to be encrypted.
<Property name="ConnectionPassword" *encrypted=false*
>admin</Property>
After encrypting the value it will be saved back as,
<Property name="ConnectionPassword" *encrypted=true*
>Wxy635hxahftafafetk8dsnnHkw</Property>
It would be great if there is a better way to imply which properties should
be encrypted and after encrypting, to imply that the value is encrypted.
2. An indication in the file name is added to imply whether it
carries property values to be encrypted. Otherwise all the properties
should be scanned blindly and checked for the encryption which seemed a
waste. The is a trade-off between this cost of scanning and another
convention added to the file name.
> I prefer prefix rather than appending since appending enc does not help
> someone to figure it out as a secured file at first glance.
>
> In OSes like Linux file extension does not matter much. Is it possible for
> someone to have a file name like 'sec-con' (without any extension)
>
> Touched, not typed. Erroneous words are a feature, not a typo.
>
Thanks,
Pushpalanka.
--
Pushpalanka Jayawardhana, B.Sc.Eng.(Hons).
Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/
Mobile: +94779716248
Blog: pushpalankajaya.blogspot.com/ | LinkedIn:
lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka
_______________________________________________
Architecture mailing list
Architecture@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
