Amanda-Users

Re: new feature: client-side, server-side encryption dumptype option

2005-12-11 09:44:48
Subject: Re: new feature: client-side, server-side encryption dumptype option
From: Josef Wolf <jw AT raven.inka DOT de>
To: Amanda Users <amanda-users AT amanda DOT org>
Date: Sun, 11 Dec 2005 15:20:52 +0100

On Sat, Dec 10, 2005 at 09:12:49AM -0800, Kevin Till wrote:

> I have added a dumptype option, "encrypt".

Great! Thanks for your effort to bring encryption into amanda's core.

I have not taken a close look at it yet.  From the description, I have the
impression that this solution is based on symmetric encryption.  I don't
think this is a good idea.  Having the passphrase lying around on all
your clients[1] is a big weakness, IMHO.  It would be better to encrypt
with a public key.  The private key and the passphrase should be locked
away in a safe place. They should be needed only for disaster recovery.

[1] You need client-side encryption if you don't want your data flowing
unencrypted over the network.

-- 
No software patents in Europe -- http://nosoftwarepatents.com
-- Josef Wolf -- jw AT raven.inka DOT de --