As a user I want to be able to rotate my encryption keys and rekey my informations
Ticket moved to GitHub: "pulp/pulpcore/2048":https://github.com/pulp/pulpcore/issues/2048
Pulp 3.15 brings the support for encrypting fields in the DB. This is a great step toward better security practices. Thanks team for that.
In order to go a step further with security best-practices, I would like to be able to rotate my keys periodically, and hence rekey my data.
As it's stand today I haven't see a way to do this.
Updated by daviddavis about 1 year ago
We should provide a
pulpcore-managercommand to replace the key.
+1. How will the command work? What options will it take?
Also there should be a strategy how to rekey in a clustered environment.
Maybe we should file another issue for this? Or turn this into an epic with subtasks?
Updated by bmbouter about 1 year ago
+1 to an epic with subtasks.
Also just to state it: It's both the changing of the key and the decrypt-re-encrypt of data in the database. Also here are two things I'm thinking about:
In clustered installs, how do we ensure the keys are distributed to all the nodes (which will need the private key) yet ensure the decrypt re-encrypt will only happen exactly once?
What happens if an OOM or power loss occurs on whatever node is being run halfway through? Since the data is encrypted, we have to be extremely careful that this is bulletproof.