[OPENDJ-448] Import or Export LDIF file as encrypted or hash/signed. Created: 12/Mar/12  Updated: 08/Nov/19

Status: Dev backlog
Project: OpenDJ
Component/s: backends, core server, security
Affects Version/s: 2.6.0
Fix Version/s: None

Type: New Feature Priority: Minor
Reporter: Gary Williams Assignee: Unassigned
Resolution: Unresolved Votes: 1
Labels: None

Support Ticket IDs:

 Description   

Import or Export tools currently don't import/export an LDIF file as encrypted or hash/signed data.

See the following in LDIFExportConfig#getWriter.

// See if we should encrypt the output.
if (encryptData)

{ // FIXME -- Implement this. }

 Comments   
Comment by Matthew Swift [ 12/Mar/12 ]

For 2.5.0 we should at least hide the options even if we do want to implement the functionality some day.

Comment by Matthew Swift [ 15/Mar/12 ]

Hi Ludo

I would be interested to hear your thoughts on this with your PM hat on

It's targeted at 2.5.0 because we should make some kind of decision for 2.5.0, even if it means we don't implement anything:

  1. decide that this is a feature we want to implement at some point:
    • action item: remove options from the export tool
    • action item: postpone issue to 2.Next
  2. decide that this is a feature we do not want to implement at some point:
    • action item: remove options from the export tool
    • action item: close issue as WONT FIX.

My opinion is that I don't see a particularly strong use case for this functionality.

Comment by Ludovic Poitou [ 15/Mar/12 ]

I think this is a feature that we want to implement at some point.
The use case will be for multi-tenant services, where one customer would want to export his own data to LDIF through a service but make sure no one can see or tamper the data.
It is also important to have consistant features whether you export to LDIF or backup.

Let's postpone to 2.Next.

Back to you, Matt

Comment by Matthew Swift [ 06/Jan/16 ]

Re-opening for re-evaluation.

Comment by Matthew Swift [ 13/Jan/16 ]

Backup and restore already provide encryption/signing/hashing support, so there is an opportunity for code re-use.

See: org.opends.server.util.BackupManager.CryptoEngine

Generated at Fri Oct 23 09:15:40 UTC 2020 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.