You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@jclouds.apache.org by "Christian Schröder (JIRA)" <ji...@apache.org> on 2015/03/06 13:37:38 UTC

[jira] [Comment Edited] (JCLOUDS-533) Add support for S3 server-side encryption

    [ https://issues.apache.org/jira/browse/JCLOUDS-533?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14350277#comment-14350277 ] 

Christian Schröder edited comment on JCLOUDS-533 at 3/6/15 12:37 PM:
---------------------------------------------------------------------

server side encryption interacts not at all with user-provided encryption keys. The user provided encryption keys feature is only implemented in the AWS client SDKs. It could even be combined with each other.
User provided encryption keys could even be a blobstore-generic feature which works for all blobstores (which treat data as opaque).

In short it works by encrypting it locally with a freshly generated key (derived from a local-key) and adding some pieces of user metadata to recreate the key later.

UPDATE: i was mistaken... there is a feature called SSE-C where you put the key, key-md5 and algorithm in the request headers and amazon does it's magic on the server side and they say they do not store the keys.
http://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html


was (Author: squiddle):
server side encryption interacts not at all with user-provided encryption keys. The user provided encryption keys feature is only implemented in the AWS client SDKs. It could even be combined with each other.
User provided encryption keys could even be a blobstore-generic feature which works for all blobstores (which treat data as opaque).

In short it works by encrypting it locally with a freshly generated key (derived from a local-key) and adding some pieces of user metadata to recreate the key later.

> Add support for S3 server-side encryption
> -----------------------------------------
>
>                 Key: JCLOUDS-533
>                 URL: https://issues.apache.org/jira/browse/JCLOUDS-533
>             Project: jclouds
>          Issue Type: Improvement
>          Components: jclouds-blobstore
>    Affects Versions: 1.7.1
>            Reporter: Andrew Gaul
>              Labels: aws-s3
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)