What I have read about it is: encrypt PII with a client-depending key, do not po... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		javcasas 57 days ago \| parent \| context \| favorite \| on: Event Sourcing, CQRS and Micro Services: Real FinT... What I have read about it is: encrypt PII with a client-depending key, do not post the key to the event system. When an erasure request comes in, delete the corresponding key. Now the data cannot be decrypted anymore for that client.

Netcob 56 days ago | [–]

That's what I said too, and the answer was "No, just because it cannot be decrypted today does not mean it cannot be decrypted in the future. The data must be deleted"

mattmanser 57 days ago | [–]

That is some serious architecture to put in place before you can even start using event sourcing.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact