Home > mailing lists

Re: Where do you store key for encryption - Mailing list pgsql-general

From	David Wall
Subject	Re: Where do you store key for encryption
Date	November 18, 2009 03:23:36
Msg-id	4B0376BE.5030404@computer.org Whole thread Raw
In response to	Re: Where do you store key for encryption ("Naoko Reeves" <naoko@lawlogix.com>)
Responses	Re: Where do you store key for encryption (Bruce Momjian <bruce@momjian.us>)
List	pgsql-general

Tree view

In our open-esignforms project we use a layered approach for keys in
which we have a boot key for the application that requires dual
passwords which we then combine into a single password for PBE
encryption of the boot key.  We then have session keys that are
encrypted with the boot key, and the session keys are used to encrypt
one-up keys for encrypted blobs.

In your case, you could encrypt your key using PBE assuming you have a
way to provide the password to unlock it.  This would allow you to
protect the key with a password, which is the most basic way to go if
you don't have a keystore to use.

David

pgsql-general by date:

From: David Fetter
Date: 18 November 2009, 03:16:45
Subject: Re: passing parameters to multiple statements

From: Pavel Stehule
Date: 18 November 2009, 06:37:02
Subject: Re: cast record to array in plpgsql

Re: Where do you store key for encryption - Mailing list pgsql-general

Previous

Next