Data Protection - how to manage expired key? #3658

Closed
kevinlo opened this issue Oct 17, 2018 · 3 comments
kevinlo commented Oct 17, 2018

I posted the question on Stack Overflow but didn't get any answer. I'm posting it here to see if someone can answer me.

According to ASP.NET Key Management:

Deleting a key is truly destructive behavior, and consequently the data protection system exposes no first-class API for performing this operation.

Is an expired key still used to unprotect data that was previously protected by it, even though the key is expired?

Are expired keys kept forever, even if there might not be any more data protected by them?

I need to write a custom IXmlRepository to store the keys in Couchbase. I read the RedisXmlRepository code: StoreElement just appends the new element to the existing key's value, and GetAllElementsCore returns the array of values for that key.

For Couchbase, I can do something similar: create one document and append sub-documents to it. However, Couchbase has a 20MB size limit per document. Although the key XML is not large, it may reach that limit one day if keys are never deleted.

Is it bad practice to delete a key even when it is no longer needed to unprotect any data? I think we currently need it for cookie authentication only. The worst case of deleting the key is that the user may need to log on again. What else in ASP.NET Core needs data protection by default?

@mkArtakMSFT (Member) commented:

Thanks for contacting us, @kevinlo.
@javiercn, can you please answer the above questions? Thanks!

@blowdart (Contributor) commented:

Is an expired key still used to unprotect data that was previously protected by it, even though the key is expired?

Yes.

Are expired keys kept forever, even if there might not be any more data protected by them?

Yes, because we have no way of knowing how you used it, or whether any data still exists.

Is it bad practice to delete a key even when it is no longer needed to unprotect any data?

Probably not, but you as the developer can use data protection for your own data. We can't know whether you did or not.

What else in ASP.NET Core needs data protection by default?

Parts of the OAuth login flow, session, and temp data. But those are really short-lived.

kevinlo commented Oct 17, 2018

@blowdart Thanks for answering my questions. It is just that ASP.NET Core does not know when a key is no longer used, so it won't delete it. We developers, who know how our applications work, need to decide when the key should be deleted, or whether it can be deleted at all.

I can set KeyManagementOptions.NewKeyLifetime and set the Couchbase TTL to a certain time after the key expires, so that the key is deleted then.

I'll close this issue.

@kevinlo kevinlo closed this as completed Oct 17, 2018
@ghost ghost locked as resolved and limited conversation to collaborators Dec 3, 2019
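An added example, written for this page and not taken from the issue or from the ASP.NET Core repository, of the approach kevinlo describes in his first post and settles on in his last comment: a custom IXmlRepository that stores one document per key (so the single-document 20MB limit never applies) and gives each key document a TTL derived from its own `<expirationDate>` plus a grace period, with KeyManagementOptions.NewKeyLifetime configured alongside it. The Couchbase calls are hidden behind the hypothetical `IKeyDocumentStore` interface; `InMemoryKeyDocumentStore`, the `dataprotection:` id prefix, the application name and the 30-day grace period are all constructed for illustration.

```csharp
// Added example, not code from the issue or from ASP.NET Core.
// Assumption: IKeyDocumentStore is a hypothetical abstraction over Couchbase
// (upsert-with-expiry and prefix query); InMemoryKeyDocumentStore stands in for it
// and emulates TTL-based deletion so the repository can be exercised offline.
using System;
using System.Collections.Generic;
using System.Globalization;
using System.Linq;
using System.Xml.Linq;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.AspNetCore.DataProtection.Repositories;
using Microsoft.Extensions.DependencyInjection;

public interface IKeyDocumentStore
{
    void Upsert(string id, string xml, TimeSpan? timeToLive);   // null TTL = keep forever
    IReadOnlyList<string> GetAll(string idPrefix);
}

public sealed class InMemoryKeyDocumentStore : IKeyDocumentStore
{
    private readonly Dictionary<string, (string Xml, DateTimeOffset? ExpiresAt)> _docs
        = new Dictionary<string, (string, DateTimeOffset?)>();
    private readonly Func<DateTimeOffset> _now;

    public InMemoryKeyDocumentStore(Func<DateTimeOffset> now) => _now = now;

    public void Upsert(string id, string xml, TimeSpan? timeToLive) =>
        _docs[id] = (xml, timeToLive.HasValue ? _now() + timeToLive.Value : (DateTimeOffset?)null);

    // Documents whose TTL has elapsed are treated as deleted, as the real store would.
    public IReadOnlyList<string> GetAll(string idPrefix) =>
        _docs.Where(d => d.Key.StartsWith(idPrefix, StringComparison.Ordinal)
                      && (d.Value.ExpiresAt == null || d.Value.ExpiresAt > _now()))
             .Select(d => d.Value.Xml)
             .ToList();
}

public sealed class PerKeyXmlRepository : IXmlRepository
{
    private const string IdPrefix = "dataprotection:";   // constructed
    private readonly IKeyDocumentStore _store;
    private readonly TimeSpan _retentionAfterExpiry;
    private readonly Func<DateTimeOffset> _now;

    // retentionAfterExpiry must exceed the lifetime of the longest-lived payload the key
    // protects (for example the authentication cookie); otherwise users holding a still
    // valid cookie are forced to log on again once the key document disappears.
    public PerKeyXmlRepository(IKeyDocumentStore store, TimeSpan retentionAfterExpiry, Func<DateTimeOffset> now)
    {
        _store = store;
        _retentionAfterExpiry = retentionAfterExpiry;
        _now = now;
    }

    public IReadOnlyCollection<XElement> GetAllElements() =>
        _store.GetAll(IdPrefix).Select(XElement.Parse).ToList();

    public void StoreElement(XElement element, string friendlyName)
    {
        // One document per element: the key ring never grows a single document,
        // and each upsert is independent, so app instances do not race on a shared blob.
        var id = IdPrefix + (string.IsNullOrEmpty(friendlyName) ? Guid.NewGuid().ToString("N") : friendlyName);
        _store.Upsert(id, element.ToString(SaveOptions.DisableFormatting), TimeToLiveFor(element));
    }

    private TimeSpan? TimeToLiveFor(XElement element)
    {
        // Only <key> elements carry <expirationDate>. Anything else (e.g. a revocation
        // record) has no natural end of life, so it is kept without a TTL.
        var expiration = element.Element("expirationDate")?.Value;
        if (expiration == null) return null;

        var deleteAt = DateTimeOffset.Parse(expiration, CultureInfo.InvariantCulture) + _retentionAfterExpiry;
        var ttl = deleteAt - _now();
        return ttl > TimeSpan.Zero ? ttl : TimeSpan.FromMinutes(1);
    }
}

public static class DataProtectionSetup
{
    public static void Register(IServiceCollection services, IKeyDocumentStore store)
    {
        services.AddDataProtection()
            .SetApplicationName("example-app")   // constructed
            .AddKeyManagementOptions(o =>
            {
                o.NewKeyLifetime = TimeSpan.FromDays(90);   // how long each new key stays in use
                o.XmlRepository = new PerKeyXmlRepository(store,
                    retentionAfterExpiry: TimeSpan.FromDays(30),   // constructed grace period
                    now: () => DateTimeOffset.UtcNow);
            });
        // With a custom repository the key XML is written as-is: also call
        // ProtectKeysWithCertificate(...) or ProtectKeysWithDpapi() on the builder so
        // that key material is encrypted at rest in the store.
    }
}
```

The retention window is the security-relevant knob here: the TTL does not change when a key is considered usable (the data protection system still unprotects with an expired key as long as it can read it), it only decides when the key material vanishes from storage. Choose it from the longest-lived thing the key protects, which for the cookie authentication case in this thread means the cookie's own expiry, and the worst case of a too-short window is exactly the forced re-logon the thread describes.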