Database encryption (was: commit: ldap/doc/man/man5 slapd-bdb.5)
- To: OpenLDAP Commit <openldap-devel@openldap.org>
- Subject: Database encryption (was: commit: ldap/doc/man/man5 slapd-bdb.5)
- From: Russ Allbery <rra@stanford.edu>
- Date: Sun, 16 Dec 2007 23:23:04 -0800
- In-reply-to: <47662069.6010205@symas.com> (Howard Chu's message of "Sun, 16 Dec 2007 23:08:25 -0800")
- Organization: The Eyrie
- References: <200712151820.lBFIKZQp065112@cantor.openldap.org> <47662069.6010205@symas.com>
- User-agent: Gnus/5.11 (Gnus v5.11) Emacs/22.1 (gnu/linux)
Howard Chu <hyc@symas.com> writes:
> I doubt it, of course. It exacts a performance penalty on every DB
> operation, so I don't think anyone will be able to use this
> long-term. For the off-site backup scenario, it makes more sense to just
> encrypt the backup images (tar format or whatever backup utility is
> used). That way you only spend cycles on encryption once, at backup
> time. Any site that's savvy enough to do automated backups can certainly
> figure out how to protect those backups with encryption.
The one place where I could see using this is if one is using OpenLDAP as
the backend to a Kerberos KDC. It's considered best practice right now to
always encrypt the KDC database at rest on disk, and some sites even
require an administrator be present with a USB key to unlock the database
whenever a KDC has to be rebooted. Given the increasing interest in using
LDAP as a backend store for the KDC, this may be a simpler method for
providing equivalent KDC security without encrypting various bits of data
individually.
--
Russ Allbery (rra@stanford.edu) <http://www.eyrie.org/~eagle/>