[ http://issues.apache.org/jira/browse/DERBY-1636?page=comments#action_12430617 ] Suresh Thalamati commented on DERBY-1636: -----------------------------------------
Thanks Laura, updates looks good. I reviewed both the reference manual and the developer guide changes. I have few minor comments in the developer guide, it would be great if you can look into them. ip\cdevcsecure97760.html (Working with encryption) -------------------------------------------------- In the following sentence , please change "boot key" to "boot password" ( I know that is not best one - but let us be consistent) You can apply a new encryption key to a Derby database by specifying a new boot key or a new external key. change it to : You can apply a new encryption key to a Derby database by specifying a new boot password or a new external key. tdevcsecurenewbootpw.html:(Encrypting databases with a new boot password) ------------------------------------------------------------------------ you might want to add : "To encrypt a database with a new boot password:" before Specify the newEncryptionKey attribute in a URL and reboot the database. For ..... tdevcsecurenewkeyoverview.html (Encrypting database with new key): ------------------------------------------------------------------- 1) Please change the phrase in the first paragraph : "after the new encryption key is implemented but " to "after the database is encrypted with the new encryption key but " 2) Can we replaces the following two sentence" " To encrypt a database with a new key: Choose the type of key that you want to use to encrypt the database: " With " To encrypt a database with a new encryption key, one need to specify the new boot password or the new external encryption key depending on whether the database is currently encrypted using a boot password or the external encryption key. " FYI (NOT FOR DOCUMENTATION) : User does not have choice, derby does not support switching between external encryption key and the boot password. 3) Last two points/links seems to be duplicates of the previous two links. I think we should remove them. " Encrypting databases with a new boot password You can apply a new boot password to a Derby database by specifying the newBootPassword attribute on the connection URL when you boot the database. Encrypting databases with a new external key You can apply a new external encryption key to a Derby database by specifying the newEncryptionKey attribute on the connection URL when you boot the database. " 4) In the following sentence "external database" is incorrect, it should be "external encryption key" "To encrypt the database with a new external database, use the newEncryptionKey attribute. " should be : To encrypt the database with a new external encryption key, use the newEncryptionKey attribute. tdevcsecureunencrypteddb.html(Encrypting an existing unencrypted database): --------------------------------------------------------------------------- In this section, I think it would be better to say external encryption key , instead of just "encryption key". 1) In the following sentences, "encryption key" should be changed to "external encryption key". 1) you can specify whether the database should be encrypted using a boot password or an encryption key 2) you might not be able to boot the database without the boot password or encryption key. 3) you should try to boot the database with the boot password or the encryption key Note : PLEASE DO NOT CHANGE THE ATTRIBUTE NAME , it is still encryptionKey ; for historical reasons. 2) In following sentence it would be easier to read: "after the database is encrypted " instead of "after the encryption is implemented" If the interruption occurs immediately after the encryption is implemented but to If the interruption occurs immediately after the database is encrypted but tdevdvlp14496.html ( Encrypting a database when you create it): ---------------------------------------------------------------- In this section, the is is no information about external encryption key. I think the following sentence should be changed to reflect that: "To do this, you use the dataEncryption=true attribute to turn on encryption and the bootPassword=key attribute to specify a key for the encryption." to "To do this, you use the dataEncryption=true attribute to turn on encryption and the bootPassword attribute or the encryptionKey attribute to specify a encryption key for the encryption." > document encryption of an un-encrypted database and re-encryption with new > password/key. > ------------------------------------------------------------------------------------------ > > Key: DERBY-1636 > URL: http://issues.apache.org/jira/browse/DERBY-1636 > Project: Derby > Issue Type: Improvement > Components: Documentation > Affects Versions: 10.2.1.0 > Reporter: Suresh Thalamati > Assigned To: Laura Stewart > Fix For: 10.2.1.0 > > Attachments: derby1636_devguide.diff, derby1636_devguide2.diff, > derby1636_devguide3.diff, derby1636_devguide_html.zip, > derby1636_devguide_html2.zip, derby1636_devguide_html3.zip, > derby1636_ref.diff, derby1636_ref2.diff, derby1636_ref_html.zip, > derby1636_ref_html2.zip, reencrypt_devgudechanges.txt, reencryptspec_1.html, > toc.html > > > document encryption of an un-encrypted database and re-encryption with new > password/key. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
