You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: Readme.md
+6-6Lines changed: 6 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -1,6 +1,6 @@
1
1
## SQL Server Always Encrypted Key Store Generic Provider
2
2
3
-
This solution provide a workaroud for the SQL Server Always Encrypted feature, for interoperability between clients that do not share any common Key Store Provider. Especially, this is intended for OS interoperability (Windows/Linux) not using Azure (or with no access to Internet).
3
+
This solution provides a workaroud for the SQL Server Always Encrypted feature, for interoperability between clients that do not share any common Key Store Provider. Especially, this is intended for OS interoperability (Windows/Linux) not using Azure (or with no access to Internet).
4
4
5
5
## Always Encrypted definitions
6
6
@@ -21,7 +21,7 @@ Columns of the database are encrypted with the Column Encryption Key (CEK) using
21
21
22
22
#### Keys/Certificate Store
23
23
24
-
Always Encrypted feature comes with some builtin key store described below in following table :
24
+
Always Encrypted feature comes with some builtin key stores described below in following table :
25
25
26
26
<table>
27
27
<thead>
@@ -35,7 +35,7 @@ Always Encrypted feature comes with some builtin key store described below in fo
@@ -113,9 +113,9 @@ The following architecture schema describe in details how the SQL Server Always
113
113
114
114
From my opinion, I still do not understand the reasons for the CMK to store metadata about the provider and the key path.
115
115
116
-
Worst, I find that these metadatas reveals too much information about the key location (store provider and path).
116
+
Worst, I find that this metadata reveals too much information about the key location (store provider and path).
117
117
118
-
The generic provider used here finally from a security point of view reveals nothing about the key location. And it's finally the client responsability to provide the right information to access encrypted columns.
118
+
The generic provider used here finally from a security point of view reveals nothing about the key location. And it's finally the client responsibility to provide the right information to access encrypted columns.
119
119
120
120
<br />
121
121
@@ -212,4 +212,4 @@ Another option may relie on the IL code modification to patch any Microsoft asse
212
212
213
213
## Licence
214
214
215
-
No licence, used to document and report. Use at your own risk.
215
+
No licence, used to document and report. Use at your own risk.
0 commit comments