aboutsummaryrefslogtreecommitdiff
path: root/docker
diff options
context:
space:
mode:
authorQuentin Dufour <quentin@deuxfleurs.fr>2020-05-30 22:32:53 +0200
committerQuentin Dufour <quentin@deuxfleurs.fr>2020-05-30 22:32:53 +0200
commit701da9ef260f3f451bd73f5829109652e587015a (patch)
tree00b5f6a0851266efcdc5931404580f7c6e53963a /docker
parentf9fb0c7d85c7e5f9b446bfa1efeac4855d37d67e (diff)
downloadinfrastructure-701da9ef260f3f451bd73f5829109652e587015a.tar.gz
infrastructure-701da9ef260f3f451bd73f5829109652e587015a.zip
WIP readme
Diffstat (limited to 'docker')
-rw-r--r--docker/bckp/README.md1
1 files changed, 1 insertions, 0 deletions
diff --git a/docker/bckp/README.md b/docker/bckp/README.md
index b0b1b85..2ba9079 100644
--- a/docker/bckp/README.md
+++ b/docker/bckp/README.md
@@ -24,3 +24,4 @@ go run ./kv_to_s3.go
- Est ce qu'on a besoin d'authentication ?
- Oui en fait il y a plein d'attaques apparemment
- https://blog.minio.io/data-at-rest-encryption-done-right-7446c644ddb6 --> Minio a sa solution mais elle a des requirements bizarres (une clé par fichier, il faut donc un HKDF)
+ - https://www.imperialviolet.org/2017/05/14/aesgcmsiv.html --> AES GCM SIV does not break crypto if you reuse nonces (but you should still try to supply unique ones to have different cipher if you encode the same plaintext twice)