On 1/30/2011 8:33 PM, Marc Dojka wrote:
> On Sun, Jan 30, 2011 at 8:22 PM, Dan Langille <dan AT langille DOT org
> <mailto:dan AT langille DOT org>> wrote:
>
>     On 1/28/2011 6:24 PM, Marc Dojka wrote:
>
>         Hi all,
>
>         I think I already have the answer, but wanted to double check.
>           It's not
>         possible to have the private key for data encryption password
>         protected,
>         correct.  Thanks.
>
>
>     What concern are you trying to resolve by having some kind of
>     encryption?
>
>     --
>     Dan Langille - http://langille.org/
>
>

It is much easier to follow conversation if you reply at the bottom.

 > For the backups:  The media is stored at an offsite location.  When
 > the  media leaves my control, all data must be encrypted.  This is
 > for policy reasons, insurance reasons, and ensures confidentiality of
 > customer information as well as HR records.

OK, so this is why you encrypt the backup.

 > For the keys:  So even if both the backups and the keys are
 > compromised, they are unusable without the private key password.

I keep thinking, the private key (used only for decryption) does not 
need to be on the FD... only the public key (the one used for encryption).

Can someone confirm?


-- 
Dan Langille - http://langille.org/

------------------------------------------------------------------------------
Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
Finally, a world-class log management solution at an even better price-free!
Download using promo code Free_Logger_4_Dev2Dev. Offer expires 
February 28th, so secure your free ArcSight Logger TODAY! 
http://p.sf.net/sfu/arcsight-sfd2d
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users