What's the CMK?

  • Comments posted to this topic are about the item What's the CMK?

  • Really interesting, thanks Steve

    Learned something today

    ____________________________________________
    Space, the final frontier? not any more...
    All limits henceforth are self-imposed.
    “libera tute vulgaris ex”

  • I guessed wrong based on this sentence in the documentation:

    A column master key should be an asymmetric key (a public/private key pair), using the RSA algorithm.

    I didn't find anything in the referenced document about symmetric or asymmetric...

     

  • So if you are using an asymmetric key from a Hardware Security Module as the CMK, it somehow can be called a certificate?

    I don't agree with this answer.

  • A certificate is an asymmetric key.

  • OK, a certificate is an asymmetric key.  But does that make all asymmetric keys certificates?

    I still do not agree with the answer that the CMK can only be a certificate.

  • Not all asymmetric keys are certificates, but from what I've seen with HSMs, they use certificates, precisely because of the metadata of the expiration date. If that's documented elsewhere differently, that's fine, but all the AE docs reference certificates.

  • timwell wrote:

    I guessed wrong based on this sentence in the documentation:

    A column master key should be an asymmetric key (a public/private key pair), using the RSA algorithm.

    I didn't find anything in the referenced document about symmetric or asymmetric...  

     

    Same here - why is 'An RSA asymmetric key' the wrong answer?

  • RSA was a poor choice, and actually might be correct. The documentation isn't clear here, but developers can write their own implementation of a key store, which could be an RSA key. As of this time, that's not an option that I know of, but I could be wrong.

    I've edited the question to remove the RSA key.

     

Viewing 9 posts - 1 through 8 (of 8 total)

You must be logged in to reply to this topic. Login to reply