[SERVER-79029] Create a BinData type for unencrypted redacted values like HMAC key Created: 17/Jul/23 Updated: 05/Jan/24 Resolved: 21/Jul/23 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | 7.1.0-rc0 |
| Type: | Task | Priority: | Major - P3 |
| Reporter: | William Qian | Assignee: | William Qian |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | customer-security-and-privacy-considerations | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||||||
| Sprint: | QO 2023-07-24 | ||||||||||||
| Participants: | |||||||||||||
| Description |
|
https://jira.mongodb.org/browse/SERVER-78961 discusses audit log redaction in the context of encrypted data via BinData 6. For unencrypted but sensitive data like the HMAC key, we need to create a separate BinData type for signaling such values that should always be redacted. |
| Comments |
| Comment by Geert Bosch [ 28/Jul/23 ] |
|
You can just create a pull request for the https://github.com/mongodb/bsonspec.org.git repo. You can track this with a SERVER ticket if you'd like, or just post the link here. |
| Comment by William Qian [ 28/Jul/23 ] |
|
No, I don't think so. What's the right project to file a ticket like that under? The closest thing I have is this DRIVERS ticket: https://jira.mongodb.org/browse/DRIVERS-2687 |
| Comment by Geert Bosch [ 28/Jul/23 ] |
|
This new BSON BinData type should be documented on bsonspec.org. Is there a ticket for that? william.qian@mongodb.com |
| Comment by Githook User [ 20/Jul/23 ] |
|
Author: {'name': 'William Qian', 'email': 'william.qian@mongodb.com', 'username': 'wqian94'}Message: |