You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As a security conscious user of the sensitive data arcive,
I want to see that the archive can rotate encryption keys
so that security can be maintained.
Sub user story
As an sda-dev
I want to implement multiple-key support for the verify services
so that repository key rotation can be enabled.
Description
Verify should be able to load a directory of public/private key pairs instad of just a specific one.
For verify to pass for a file it should look up the hash of the key used to encrypt a file from the database and should then try to decrypt the file with that specific key.
Acceptance criteria
Demonstrate ingestion and verification of encrypted files with two different archive c4gh private keys.
Main user story
As a security conscious user of the sensitive data arcive,
I want to see that the archive can rotate encryption keys
so that security can be maintained.
Sub user story
As an sda-dev
I want to implement multiple-key support for the verify services
so that repository key rotation can be enabled.
Description
Acceptance criteria
Extra information
This issue was split off from issue #787.
Note: key rotation miro board here
The text was updated successfully, but these errors were encountered: