on 2011 Apr 15 1:23 PM
This is another follow-up to this question.
At the risk of pushing the limits of the "personal questions per day" ratio I would like to know whether a SQL Remote instance (consolidated or remote) needs all relevant files have equally encrypted.
With relevant files, I'm refering to the database file(s), the current translog (and mirror) and all old log files that may be used to resend messages.
I'm citing from an older NNTP thread ("Questions about encryption of existing databases in a SQL Remote setup" started 2006-09-19)
So far, we have used simple encryption for all dbs. Now I'm figuring out if I could strengthen the system's security by choosing strong encryption.
My questions:
Do I have to choose the same type of encryption for all dbs, or can different dbs be encrypted differently? (I guess they are independent.)
Would it be sufficient to execute the "CREATE ENCRYPTED FILE statement" for a db and its log(s), or would this change log offsets and the like?
The docs say: "If a database is encrypted using this statement, the corresponding transaction log file (and any dbspaces) must also be encrypted with the same algorithm and key in order to use the database." What about the old logs in a SQL Remote setup that may be used in order to resend operations - do they have to be encrypted, too, or is this only necessary for the current log (and - in case of recovery - for logs that must be reapplied)?
Are there any consequences for DBXTRACT if I want to reextract from a strongly encrypted consolidated db into a simply encrypted remote (besides I have to specify the key in the connection parameters for the cons)? (Note: I do not use -ac or -ac, extracting is done via a reload.sql file.)
And the answer that Reg has given:
This is going un-answered, so let me spend a few minutes and answer to the best of my ability without actually trying out the things I'm suggesting...
- You can use a different type of encryption at each site.
- I do not believe that CREATE ENCRYPTED FILE will change the log offsets of the database file.
- All the old logs that SQL Remote may scan must be encrypted as well.
- No, this should be fine. ...
Question:
According to current tests with a 12.0.1 cons (strongly encrypted) and a 8.0.3 remote that has incidentally lost old messages, the cons can use their old (and simply encrypted) v8 logs without problems when having to re-scan them to re-send messages.
So it seems unnecessary to change the encryption of those old log files (which is fine, as it seems not even possible to do so - see the question above).
So I would need to know whether the answer to point 3 is not valid (or no more valid in the combination v12/v8).
For obvious reasons, I would need a clear statement as I do not want to risk to have lots of remotes re-extracted in case messages get lost. And we do have lots of old log files still waiting to be confirmed...
(Sidenote: I'm aware that scanning pre-v10 logs is done in a different way then scanning v10+ logs. May this be the reason that there is possibly no need to use the same encryption here?)
When changing your encryption scheme on a database involved in synchronization or replication, there are some things that will work, and some things that won't.
I've attached a ZIP file that shows this in action. Just unzip the contents into an EMPTY directory, then edit the rep.bat file and change the following two lines to point to v8 and v12 SA installs on your computer.
set SA8=c:\\sybase\\asa803\\win32
set SA12=c:\\sybase\\asa12m\\bin32
Next, open a DOS prompt, CD into the directory when the files exist, and type "rep". The sample will set up a V8 replicating environment, and then upgrade the simply encrypted v8 databases to strongly encrypted v12 databases, ensuring that there are operations in the offline simply encrypted v8 transaction logs and offline strongly encrypted v12 transaction logs that still need to replicate. Finally, the v12 dbremote process will run and process operations from all the offline logs.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Well, if you call that a "non-immediate" answer, how fast are your responses usually?
Thanks a lot for clarifying the behaviour of my tests. I won't be able to do some tests currently but do understand the situation.
From your answer, I conclude that only if I would change from one strong encryption key to another one, then I would have to re-encrypt the old logs. And that would be doable with V8/V9 logs, too, whereas encrypting them from simple to strong is doomed to fail, as Graeme has stated.
User | Count |
---|---|
68 | |
8 | |
8 | |
6 | |
6 | |
6 | |
6 | |
6 | |
6 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.