The attributes API came out of a requirement for a consulting project that all data be encrypted at rest even if DB was compromised @sgrif
-
-
Replying to @patio11
(Ask me about this topic! You don't have to do it in application layer, and may not want to.)
2 replies 0 retweets 3 likes -
Replying to @patio11
(I do it by putting DB's backing days files on encrypted file system using encryptfs. If disk is compromised when *not in use* no biggie.)
2 replies 0 retweets 8 likes -
Replying to @patio11
how do you handle keys/passphrases? Having to SSH in whenever the server reboots makes me not want to do this
2 replies 0 retweets 0 likes
Replying to @patfigel
I do exactly that. Other options are "pull them from a server which rigorously logs/audits/authorizes access to secrets."
8:55 AM - 8 Jul 2016
from Brighton, England
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.