On Thu, Dec 20, 2007 at 03:35:42PM -0500, Merlin Moncure wrote:
>
> Key management is an issue but easily solved. Uber simple solution is
> to create a designated table holding the key(s) and use classic
> permissions to guard it.
Any security expert worth the title would point and laugh at that
suggestion. If the idea is that the contents have to be encrypted to
protect them, then it is just not acceptable to have the encryption keys
online. That's the sort of "security" that inevitably causes programs to
get a reputation for ill-thought-out protections.
A