Log in

No account? Create an account

Josh-D. S. Davis

Xaminmo / Omnimax / Max Omni / Mad Scientist / Midnight Shadow / Radiation Master

Previous Entry Share Next Entry
Encryption Keys
Josh 201604 KWP
Encryption keys are small, generally 4k or under.

Key management apps are generally small, a couple of megs.

The product I'm dealing with now is an encryption key manager.
5 years ago, it was a 2M JAR file.

Now, it's a 3.5G install:
A) Enterprise edition database
B) Java container system
C) Common JAVA application framework
D) Framework management application
E) Key manager

So, if you encrypt your backups, you don't get to stand up a new key manager and import your DB all in 3 hours.

You get to either recover from a bare metal backup, or you get to spend a day or so building the key manager, assuming you remember how from the last time you set it up.


Marketing should be able to dictate what basic functions are needed, but not HOW those functions are implemented. "Billy wrote this cool thing, and if more people don't use it, he'll lose his job. So, let's see what all apps we can fold into this one product so we can support jobs."

Or maybe they couldn't justify the price with it only being a 2M install.

  • 1
It could be worse... the last one I dealt with required dual key entry to install, or even start the application. And there was no recovery if you lost either half of that passphrase.

Yah, I have a love hate relationship with all things enterprise encryption. "If you lose the master key(s), it's all over. You have nothing.

This is also pretty standard in the "everything Java must be J2EE" world. And it has to have a DB because of that. Oh, and LDAP integration. And while you're at it...

It's become the Emacs of the software world.

  • 1