hyc@OpenLDAP.org wrote:
Update of /repo/OpenLDAP/pkg/ldap/doc/man/man5
Modified Files: slapd-bdb.5 1.38 -> 1.39
Log Message: Support DB encryption
When this topic was first raised, I thought it was pretty useless:
http://www.openldap.org/lists/openldap-software/200202/msg00232.html
And in general, it's not even a necessary feature:
http://www.openldap.org/lists/openldap-devel/200211/msg00045.html
But it seems to be a checklist feature these days.
It may actually provide some value to sites that do regular backups of their raw DB files. It may actually be useful in some cases where you provide an encryption key on separate removable media (e.g. a USB flash drive). It might actually prevent a news article down the road on how some organization lost their 5 million record customer database and now all that unprotected data is being exploited by criminals.
I doubt it, of course. It exacts a performance penalty on every DB operation, so I don't think anyone will be able to use this long-term. For the off-site backup scenario, it makes more sense to just encrypt the backup images (tar format or whatever backup utility is used). That way you only spend cycles on encryption once, at backup time. Any site that's savvy enough to do automated backups can certainly figure out how to protect those backups with encryption.
But the question comes up from time to time, why we don't offer this feature in the DB itself, and sometimes it's easier to just say "ok" than try to educate people. (In fact we did a custom build of OpenLDAP for a bank a few years ago that requested this feature from us. They didn't even care about the key management; the key was just a 96-character string hardcoded into the back-bdb patch. The current patch in CVS is obviously a little better than that.)
So anyway, if you're wondering, no, I still think it's a dumb solution. It's here as a marketing gimmick, for feature list checkboxes, not for any technical merit.