Project

Profile

Help

Story #9397

As a user I want to be able to rotate my encryption keys and rekey my informations

Added by spredzy 3 months ago. Updated 2 months ago.

Status:
NEW
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

Pulp 3.15 brings the support for encrypting fields in the DB. This is a great step toward better security practices. Thanks team for that.

In order to go a step further with security best-practices, I would like to be able to rotate my keys periodically, and hence rekey my data.

As it's stand today I haven't see a way to do this.

History

#1 Updated by mdellweg 2 months ago

We should provide a pulpcore-manager command to replace the key.

Also there should be a strategy how to rekey in a clustered environment.

#2 Updated by daviddavis 2 months ago

mdellweg wrote:

We should provide a pulpcore-manager command to replace the key.

+1. How will the command work? What options will it take?

Also there should be a strategy how to rekey in a clustered environment.

Maybe we should file another issue for this? Or turn this into an epic with subtasks?

#3 Updated by bmbouter 2 months ago

+1 to an epic with subtasks.

Also just to state it: It's both the changing of the key and the decrypt-re-encrypt of data in the database. Also here are two things I'm thinking about:

  1. In clustered installs, how do we ensure the keys are distributed to all the nodes (which will need the private key) yet ensure the decrypt re-encrypt will only happen exactly once?

  2. What happens if an OOM or power loss occurs on whatever node is being run halfway through? Since the data is encrypted, we have to be extremely careful that this is bulletproof.

#4 Updated by dkliban@redhat.com 2 months ago

  • Tracker changed from Issue to Story
  • % Done set to 0
  • Severity deleted (2. Medium)
  • Triaged deleted (No)

#5 Updated by fao89 2 months ago

I believe this may involve pulpcore, pulp_installer and pulp-operator work

Please register to edit this issue

Also available in: Atom PDF