Project

Profile

Help

Story #9397

closed

As a user I want to be able to rotate my encryption keys and rekey my informations

Added by spredzy over 2 years ago. Updated about 2 years ago.

Status:
CLOSED - DUPLICATE
Priority:
Normal
Assignee:
-
Category:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

Ticket moved to GitHub: "pulp/pulpcore/2048":https://github.com/pulp/pulpcore/issues/2048


Pulp 3.15 brings the support for encrypting fields in the DB. This is a great step toward better security practices. Thanks team for that.

In order to go a step further with security best-practices, I would like to be able to rotate my keys periodically, and hence rekey my data.

As it's stand today I haven't see a way to do this.

Actions #1

Updated by mdellweg over 2 years ago

We should provide a pulpcore-manager command to replace the key.

Also there should be a strategy how to rekey in a clustered environment.

Actions #2

Updated by daviddavis over 2 years ago

mdellweg wrote:

We should provide a pulpcore-manager command to replace the key.

+1. How will the command work? What options will it take?

Also there should be a strategy how to rekey in a clustered environment.

Maybe we should file another issue for this? Or turn this into an epic with subtasks?

Actions #3

Updated by bmbouter over 2 years ago

+1 to an epic with subtasks.

Also just to state it: It's both the changing of the key and the decrypt-re-encrypt of data in the database. Also here are two things I'm thinking about:

  1. In clustered installs, how do we ensure the keys are distributed to all the nodes (which will need the private key) yet ensure the decrypt re-encrypt will only happen exactly once?

  2. What happens if an OOM or power loss occurs on whatever node is being run halfway through? Since the data is encrypted, we have to be extremely careful that this is bulletproof.

Actions #4

Updated by dkliban@redhat.com over 2 years ago

  • Tracker changed from Issue to Story
  • % Done set to 0
  • Severity deleted (2. Medium)
  • Triaged deleted (No)
Actions #5

Updated by fao89 over 2 years ago

I believe this may involve pulpcore, pulp_installer and pulp-operator work

Actions #6

Updated by pulpbot about 2 years ago

  • Description updated (diff)
  • Status changed from NEW to CLOSED - DUPLICATE

Also available in: Atom PDF