[SERVER-76424] Change option names from redact to applyHmac Created: 21/Apr/23 Updated: 02/Feb/24 Resolved: 03/May/23 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 7.1.0-rc0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | Colby Ing | Assignee: | Ted Tuckman |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Sprint: | QI 2023-05-01, QI 2023-05-15 | ||||||||
| Participants: | |||||||||
| Description |
|
Summary This requires changing the option name for the following options: (1) redactIdentifiers -> applyHmacToIdentifiers (2) redactionKey -> hmacKey
Invoking a command would look like:
Motivation The commonly accepted security definition of 'redaction' means to remove completely. Because we are hashing with HMAC, 'transformed' is a more accurate term to use. Even though this is a purely internal use, we care about the parameter names because calls to $queryStats are found in the audit log, which customers will have access to. We will look to the $queryStat entries in the audit log in order to prove to customers we are in fact safely transforming their data to ensure the highest standards of customer data security and privacy. |
| Comments |
| Comment by Githook User [ 02/Feb/24 ] |
|
Author: {'name': 'Erin Zhu', 'email': 'erin.zhu@mongodb.com', 'username': 'erinzhu001'}Message: Includes community changes from and enterprise changes from GitOrigin-RevId: f424d1b1848f85581a870c061b1231219748c00c |
| Comment by Githook User [ 03/May/23 ] |
|
Author: {'name': 'Ted Tuckman', 'email': 'ted.tuckman@mongodb.com', 'username': 'TedTuckman'}Message: |