look into django-fernet-fields to encrypt data at rest

project-callisto / callisto-core

Report intake, escrow, matching and secure delivery code for Callisto, an online reporting system for sexual assault.

https://www.projectcallisto.org

GNU Affero General Public License v3.0

137 stars 54 forks source link

look into django-fernet-fields to encrypt data at rest #62

Open kelseyq opened 8 years ago

kelseyq commented 8 years ago

https://django-fernet-fields.readthedocs.io/en/latest/

kelseyq commented 8 years ago

cc @swenson

swenson commented 8 years ago

Oh, that looks neat @kelseyq -- I like it.

I think it would be easy enough to modify this to use something like AWS KMS to control access to the keys, I think -- as part of the application startup, it generates new keys from KMS, adds them to the list of keys, and eventually rotates the keys.