Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Format v2] Upgrade mechanism #208

Open
commial opened this issue Jul 22, 2024 · 0 comments
Open

[Format v2] Upgrade mechanism #208

commial opened this issue Jul 22, 2024 · 0 comments
Labels
mlar Concerns the mlar utility
Milestone
Format v2

Comments

@commial
Copy link
Contributor

commial commented Jul 22, 2024

Add the possibility to upgrade from a format v1 to a format v2 in mlar.

This could be part of the convert command line or a dedicated upgrade_v1_to_v2 sub-action.
In the current draft of the format v2, the upgrade consists of:

A possibility is to only update the first bytes of the layer, without re-encrypting the whole archive. But this solution:

  • does not renew the key, which might not be expected
  • could be problematic if some PQC key for recipients are missing

The preferred method for now would be like convert, ie. re-encrypting the whole archive with new keys materials.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
mlar Concerns the mlar utility
Projects
None yet
Milestone
Format v2
Development

No branches or pull requests
1 participant
@commial