Hi Noriko,
i've read the changelog encryption design document. Indeed, it's a
sound idea to make AD-389 replication more robust. I have two
questions about it:
* if i understand correctly you say that the server needs a
certificate in order to generate the symmetric key. Is this key
generated only once? I mean, if we change the expired server
certificate it won't trigger the symmetric key regeneration?
* The replication changelog that contains the mixed entries
(cleartext, encrypted 3DES, encrypted AES etc) - is it still readable
by the server? Does each changelog entry contain a flag that describes
whether the entry is cleartext/AES/3DES? Can the server "detect" in
any other way whether the changelog entry is encrypted and if yes with
what type of cypher?
Thank you