- π³πΏNew Zealand quietone
The core ideas project is deprecated, moving to core. There is a similar core issue,
Drupal is making more and more ground in the enterprise space.
One feature that is commonly requested by corporate IT departments is the ability to encrypt or obfuscate personal information in the database.
This applies to things like name, date of birth, email and other privacy issues, but also applies to things like TFA secrets where inadvertent disclosure via database breach could lead to compromise.
Drupal has always lead the way in security, Drupal 8 is no exception.
Add support for making field API fields encrypted in the database
For PHP 7.2+ we should use the baked in lib-sodium extension (yay for simple and secure encryption baked into php).
For earlier versions we should use defuse/php-encryption v2.x.
The private key would be written to settings.php just like the hash salt - ensuring it isn't kept in the database.
Decide if this is a worthy feature.
Come up with a plan
None
New flag for configurable and base fields to allow developers and site-builders to nominate a field as encrypted.
Fields marked as encrypted will be encrypted before written to the database, and decrypted when loaded from the database.
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
The core ideas project is deprecated, moving to core. There is a similar core issue,