Hi,

After reading the SysAdminGuide on encryption I have a couple of questions to clarify some concepts:

1) Are Tranlogs encrypted with the same key passed as argument to startstone? (I think not, from manual: "Transaction logs written by a Stone using encrypted extents are written in encrypted form, using the same keypair as the extents.")

Maybe my confusion is with the session keys of each extent...

2) If there are multiple extents then which key pair is used to encrypt the tranlog? (because each extent has its own key, from manual: "Each extent has its own unique session key.")

regards,
bruno

_______________________________________________
Glass mailing list
[hidden email]
https://lists.gemtalksystems.com/mailman/listinfo/glass
Hi Bruno,
Each extent and tranlog has its own (symmetric) session key, stored in the file in encrypted format. Each session key for each extent and tranlog is (asymmetric) encrypted with the same public key and (asymmetric) decrypted with the same private key (the private key used to start the stone). So you only need 1 public/private key pair to access any extent or tranlog, but the session key for each extent or tranlog is different.

Does that make sense?

Norm

On 5/13/2021 10:07 AM, Bruno Buzzi Brassesco via Glass wrote:
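Added example, not part of the thread and not GemStone code: a minimal envelope-encryption sketch of the layout described in the reply above, where every extent and tranlog gets its own symmetric session key and all of them are wrapped under one public key. The algorithms (RSA-OAEP, AES-256-GCM), the record layout and the file names are assumptions made for illustration.

```javascript
// Illustration only: the key hierarchy from this thread, not GemStone's on-disk format.
// Assumed algorithms: RSA-OAEP (SHA-256) for key wrapping, AES-256-GCM for file data.
const crypto = require('node:crypto');
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// One key pair for the whole repository (stands in for the pair used to start the stone).
function newKeyPair() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Seal one file: fresh symmetric session key, stored wrapped under the shared public key.
function sealFile(publicKey, plaintext) {
  const sessionKey = crypto.randomBytes(32); // unique per extent or tranlog
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: publicKey, ...OAEP }, sessionKey);
  return { wrappedKey, iv, tag: cipher.getAuthTag(), body };
}

// Recover a file's session key with the private key.
function unwrapKey(privateKey, file) {
  return crypto.privateDecrypt({ key: privateKey, ...OAEP }, file.wrappedKey);
}

// Open one file: unwrap its own session key, then decrypt and authenticate the body.
function openFile(privateKey, file) {
  const decipher = crypto.createDecipheriv('aes-256-gcm', unwrapKey(privateKey, file), file.iv);
  decipher.setAuthTag(file.tag);
  return Buffer.concat([decipher.update(file.body), decipher.final()]).toString();
}

function demo() {
  const { publicKey, privateKey } = newKeyPair();
  // Constructed sample contents standing in for two extents and one tranlog.
  const names = ['extent0', 'extent1', 'tranlog1'];
  const files = names.map((n) => sealFile(publicKey, Buffer.from(`constructed data for ${n}`)));
  const opened = files.map((f) => openFile(privateKey, f));
  const keys = new Set(files.map((f) => unwrapKey(privateKey, f).toString('hex')));
  let wrongKeyRejected = false;
  try { openFile(newKeyPair().privateKey, files[0]); } catch { wrongKeyRejected = true; }
  return { opened, distinctSessionKeys: keys.size, wrongKeyRejected };
}

console.log(demo());
```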
Norm,

"Each extent and tranlog has its own (symmetric) session key, stored in the file in encrypted format."

This clarifies all my doubts. Consider adding these sentences to SysAdminGuide :)

regards,
bruno

On Thu, May 13, 2021 at 14:07, Bruno Buzzi Brassesco (<[hidden email]>) wrote: