dogtagpki / pki

The Dogtag Certificate System is an enterprise-class Certificate Authority (CA) which supports all aspects of certificate lifecycle management, including key archival, OCSP and smartcard management.
https://www.dogtagpki.org
GNU General Public License v2.0
378 stars 138 forks source link

Archiving already encrypted data #1613

Open pki-bot opened 4 years ago

pki-bot commented 4 years ago

This issue was migrated from Pagure Issue #1048. Originally filed by edewata (@edewata) on 2014-06-20 21:19:49:


Currently there is no way to archive a data that is already encrypted without doing additional encryption steps on both the client and server side:

Similar issue happens on retrieval as well.

Under certain scenarios (e.g. IPA), the data to be archived is already encrypted, and the KRA is located locally, so eliminating the extra encryption steps can improve the performance without reducing the level of security.

Proposed milestone: 10.3

pki-bot commented 4 years ago

Comment from mharmsen (@mharmsen) at 2014-06-24 00:28:39

Proposed Milestone per CS/DS meeting of 6/23/2014: 10.3

pki-bot commented 4 years ago

Comment from edewata (@edewata) at 2017-02-27 14:01:10

Metadata Update from @edewata: