Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Unresolved
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: None
Labels:
None

Quarter:
- FY26Q3
Binding Changes:
Not Needed
Confidence Status:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Link:
None
Goal Name(s):
None

It would be a good UX improvement to allow keyAltName in the encryptedFieldsMap instead of always requiring {{keyId}}s, and reduce the effort to get started with CSFLE since it avoids the chicken-and-egg problem where users first need to create the keys using a half-autoencryption-configured MongoClient before being able to create the main MongoClient instance.

Since this work can probably be done entirely client-side, libmongocrypt seems like a good starting point.

blocks

PHPORM-374 Enable encryptedFieldsMap configuration using keyAltName instead of random keyId

Blocked

is related to

DRIVERS-2539 createEncryptedCollection should not accept keyAltNames or keyMaterial

Closed

Assignee:: Unassigned
Reporter:: Anna Henningsen
Votes:: 2 Vote for this issue
Watchers:: 6 Start watching this issue

Created:: May 24 2022 03:27:48 PM UTC
Updated:: Aug 11 2025 04:55:15 PM UTC

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates