Skip to content

Commit 6dc25a9

Browse files
authored
Merge pull request #1 from witheej/patch-1
Thanks for your contribution
2 parents 51a1c79 + d12c987 commit 6dc25a9

File tree

1 file changed

+6
-6
lines changed

1 file changed

+6
-6
lines changed

Readme.md

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
## SQL Server Always Encrypted Key Store Generic Provider
22

3-
This solution provide a workaroud for the SQL Server Always Encrypted feature, for interoperability between clients that do not share any common Key Store Provider. Especially, this is intended for OS interoperability (Windows/Linux) not using Azure (or with no access to Internet).
3+
This solution provides a workaroud for the SQL Server Always Encrypted feature, for interoperability between clients that do not share any common Key Store Provider. Especially, this is intended for OS interoperability (Windows/Linux) not using Azure (or with no access to Internet).
44

55
## Always Encrypted definitions
66

@@ -21,7 +21,7 @@ Columns of the database are encrypted with the Column Encryption Key (CEK) using
2121

2222
#### Keys/Certificate Store
2323

24-
Always Encrypted feature comes with some builtin key store described below in following table :
24+
Always Encrypted feature comes with some builtin key stores described below in following table :
2525

2626
<table>
2727
<thead>
@@ -35,7 +35,7 @@ Always Encrypted feature comes with some builtin key store described below in fo
3535
<tr>
3636
<td>MSSQL_CERTIFICATE_STORE</td>
3737
<td><a href="https://docs.microsoft.com/en-us/dotnet/api/system.data.sqlclient.sqlcolumnencryptioncertificatestoreprovider?view=netframework-4.7.2">SqlColumnEncryptionCertificateStoreProvider</a></td>
38-
<td>Represent the Windows Certificate Store</td>
38+
<td>Represents the Windows Certificate Store</td>
3939
</tr>
4040
<tr>
4141
<td>MSSQL_CNG_STORE</td>
@@ -113,9 +113,9 @@ The following architecture schema describe in details how the SQL Server Always
113113

114114
From my opinion, I still do not understand the reasons for the CMK to store metadata about the provider and the key path.
115115

116-
Worst, I find that these metadatas reveals too much information about the key location (store provider and path).
116+
Worst, I find that this metadata reveals too much information about the key location (store provider and path).
117117

118-
The generic provider used here finally from a security point of view reveals nothing about the key location. And it's finally the client responsability to provide the right information to access encrypted columns.
118+
The generic provider used here finally from a security point of view reveals nothing about the key location. And it's finally the client responsibility to provide the right information to access encrypted columns.
119119

120120
<br />
121121

@@ -212,4 +212,4 @@ Another option may relie on the IL code modification to patch any Microsoft asse
212212

213213
## Licence
214214

215-
No licence, used to document and report. Use at your own risk.
215+
No licence, used to document and report. Use at your own risk.

0 commit comments

Comments
 (0)