<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:24:44 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DRIVERS-2107] Add rationale for algorithm being separate from data key and clarify future algorithm support</title>
                <link>https://jira.mongodb.org/browse/DRIVERS-2107</link>
                <project id="10980" key="DRIVERS">Drivers</project>
                    <description>&lt;p&gt;It is my impression that generally in crypto, a particular encryption algorithm mandates one or one of several specific  encryption key sizes. In the CSE spec, the encryption algorithm is provided during encryption and not during key creation, thus it appears that any key may be used with any algorithm. This seems strange in light of the key size dependency on algorithm.&lt;/p&gt;

&lt;p&gt;The current CSE spec makes sense if one considers that it implements a single algorithm (AEAD_AES_256_CBC_HMAC_SHA_512 per &lt;a href=&quot;https://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-05&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-05&lt;/a&gt;) and two variations of it, a probabilistic and a deterministic one. Since the algorithm (in the general crypto sense of this term) is fixed and only one is available, the variation may be specified during encryption and not during key creation. However, this is not immediately obvious and raises the question of why the spec appears to not be future proof to support algorithms requiring different (e.g. larger) key sizes.&lt;/p&gt;

&lt;p&gt;Can the spec be clarified to include the following information, either as material spec changes or rationale section comments:&lt;/p&gt;

&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Will a different crypto algorithm, requiring longer keys, be implementable given the existing specification? If so, how is this envisioned? If not, why is this not a supported use case?&lt;/li&gt;
	&lt;li&gt;That the &quot;algorithms&quot;, as used by the specification, is really variations of the same algorithm rather than principally different algorithms? If there is a more appropriate crypto term to refer to these variations, perhaps it can be used instead of &quot;algorithm&quot;.&lt;/li&gt;
&lt;/ul&gt;
</description>
                <environment></environment>
        <key id="993076">DRIVERS-2107</key>
            <summary>Add rationale for algorithm being separate from data key and clarify future algorithm support</summary>
                <type id="14901" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14700&amp;avatarType=issuetype">Spec Change</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="10038" iconUrl="https://jira.mongodb.org/images/icons/subtask.gif" description="">Backlog</status>
                    <statusCategory id="2" key="new" colorName="default"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="-1">Unassigned</assignee>
                                    <reporter username="oleg.pudeyev@mongodb.com">Oleg Pudeyev</reporter>
                        <labels>
                    </labels>
                <created>Thu, 7 Nov 2019 21:54:25 +0000</created>
                <updated>Thu, 31 Mar 2022 13:54:54 +0000</updated>
                                                                <component>Client Side Encryption</component>
                                        <votes>0</votes>
                                    <watches>3</watches>
                                                                                                                <comments>
                            <comment id="2523636" author="behackett" created="Thu, 7 Nov 2019 23:27:45 +0000"  >&lt;p&gt;&lt;a href=&quot;https://jira.mongodb.org/secure/ViewProfile.jspa?name=kenneth.white&quot; class=&quot;user-hover&quot; rel=&quot;kenneth.white&quot;&gt;kenneth.white&lt;/a&gt;, any thoughts on this?&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                                                <inwardlinks description="is depended on by">
                                                        </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="993086">DRIVERS-2051</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                            <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_10951" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Driver Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10748"><![CDATA[Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|hvpezz:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        </customfields>
    </item>
</channel>
</rss>