jclouds-notifications mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Schröder (JIRA) <j...@apache.org>
Subject [jira] [Comment Edited] (JCLOUDS-533) Add support for S3 server-side encryption
Date Fri, 06 Mar 2015 12:37:38 GMT

    [ https://issues.apache.org/jira/browse/JCLOUDS-533?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14350277#comment-14350277
] 

Christian Schröder edited comment on JCLOUDS-533 at 3/6/15 12:37 PM:
---------------------------------------------------------------------

server side encryption interacts not at all with user-provided encryption keys. The user provided
encryption keys feature is only implemented in the AWS client SDKs. It could even be combined
with each other.
User provided encryption keys could even be a blobstore-generic feature which works for all
blobstores (which treat data as opaque).

In short it works by encrypting it locally with a freshly generated key (derived from a local-key)
and adding some pieces of user metadata to recreate the key later.

UPDATE: i was mistaken... there is a feature called SSE-C where you put the key, key-md5 and
algorithm in the request headers and amazon does it's magic on the server side and they say
they do not store the keys.
http://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html


was (Author: squiddle):
server side encryption interacts not at all with user-provided encryption keys. The user provided
encryption keys feature is only implemented in the AWS client SDKs. It could even be combined
with each other.
User provided encryption keys could even be a blobstore-generic feature which works for all
blobstores (which treat data as opaque).

In short it works by encrypting it locally with a freshly generated key (derived from a local-key)
and adding some pieces of user metadata to recreate the key later.

> Add support for S3 server-side encryption
> -----------------------------------------
>
>                 Key: JCLOUDS-533
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-533
>             Project: jclouds
>          Issue Type: Improvement
>          Components: jclouds-blobstore
>    Affects Versions: 1.7.1
>            Reporter: Andrew Gaul
>              Labels: aws-s3
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message