You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Bryan Pendleton (JIRA)" <ji...@apache.org> on 2013/06/25 05:22:23 UTC

[jira] [Assigned] (DERBY-4493) encryptionAlgorithm is ignored at boot, but Documentation states it is required

     [ https://issues.apache.org/jira/browse/DERBY-4493?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Bryan Pendleton reassigned DERBY-4493:
--------------------------------------

    Assignee:     (was: Bryan Pendleton)

Wow I forgot about this one! I'm not actively working on it, so marked as unassigned. From the comments in the issue, the proposed documentation text was acceptable to the community.
                
> encryptionAlgorithm is ignored at boot, but Documentation states it is required
> -------------------------------------------------------------------------------
>
>                 Key: DERBY-4493
>                 URL: https://issues.apache.org/jira/browse/DERBY-4493
>             Project: Derby
>          Issue Type: Bug
>          Components: Documentation
>    Affects Versions: 10.5.3.0
>         Environment: Windows XP SP3 / JRE 1.5 / Derby 10.5.3.0 embedded.
>            Reporter: Sven Pedersen
>            Priority: Minor
>              Labels: derby_triage10_11
>
> The documentation @ http://db.apache.org/derby/docs/10.5/devguide/tdevdvlp40140.html
> states that 
> "If the algorithm that was used when the database was created is not the default algorithm, you must also specify the encryptionAlgorithm attribute"
> yet when I gave the wrong value of "DES/CBC/NoPadding", having created the database with "DESede", it booted without a problem. I was concerned that it might not have actually encrypted with the correct algorithm, given this Java bug:
> http://forums.sun.com/thread.jspa?threadID=5129170&start=15
> I was concerned that it might not use strong (>128 bit) encryption. Other people may be similarly concerned about what the documentation seems to say, given the behavior of the code. I think that statement in quotes should be removed entirely, and one stating something to the effect of 
> "Just supply the bootPassword or encryptionKey attributes to boot the database."
> Should replace it.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira