qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rob Godfrey (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (QPID-6017) [Java Broker] Provide a mechanism by which "secure" attributes in the configuration can be encrypted
Date Tue, 19 Aug 2014 16:15:19 GMT

     [ https://issues.apache.org/jira/browse/QPID-6017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Rob Godfrey updated QPID-6017:
------------------------------

    Status: Reviewable  (was: In Progress)

> [Java Broker] Provide a mechanism by which "secure" attributes in the configuration can
be encrypted
> ----------------------------------------------------------------------------------------------------
>
>                 Key: QPID-6017
>                 URL: https://issues.apache.org/jira/browse/QPID-6017
>             Project: Qpid
>          Issue Type: Improvement
>          Components: Java Broker
>            Reporter: Rob Godfrey
>            Assignee: Rob Godfrey
>             Fix For: 0.31
>
>
> Attributes in the configuration which contain confidential information such as passwords
are annotated as "secure" in their definition.  This is used to prevent their disclosure through
querying operations.  
> However it may be the case that this information needs to be encrypted even within the
configuration store.  In this case the key material needed to decrypt the confidential information
must be held outside the configuration mechanism (otherwise we are just shifting the problem
around).
> Deployment environments may have site specific mechanisms my which encryption may occur,
so the encryption mechanism must be pluggable and configurable at the broker (and potentially
at the virtual host node) level.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message