Story #9397
closed
As a user I want to be able to rotate my encryption keys and rekey my informations
Status:
CLOSED - DUPLICATE
Description
Ticket moved to GitHub: "pulp/pulpcore/2048":https://github.com/pulp/pulpcore/issues/2048
Pulp 3.15 brings the support for encrypting fields in the DB. This is a great step toward better security practices. Thanks team for that.
In order to go a step further with security best-practices, I would like to be able to rotate my keys periodically, and hence rekey my data.
As it's stand today I haven't see a way to do this.
We should provide a pulpcore-manager command to replace the key.
Also there should be a strategy how to rekey in a clustered environment.
mdellweg wrote:
We should provide a pulpcore-manager command to replace the key.
+1. How will the command work? What options will it take?
Also there should be a strategy how to rekey in a clustered environment.
Maybe we should file another issue for this? Or turn this into an epic with subtasks?
+1 to an epic with subtasks.
Also just to state it: It's both the changing of the key and the decrypt-re-encrypt of data in the database. Also here are two things I'm thinking about:
-
In clustered installs, how do we ensure the keys are distributed to all the nodes (which will need the private key) yet ensure the decrypt re-encrypt will only happen exactly once?
-
What happens if an OOM or power loss occurs on whatever node is being run halfway through? Since the data is encrypted, we have to be extremely careful that this is bulletproof.
- Tracker changed from Issue to Story
- % Done set to 0
- Severity deleted (
2. Medium)
- Triaged deleted (
No)
I believe this may involve pulpcore, pulp_installer and pulp-operator work
- Description updated (diff)
- Status changed from NEW to CLOSED - DUPLICATE
Also available in: Atom
PDF
.