[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Duplicity-talk] Is s3+http encrypted during transmission?
|
From: |
Scott Hannahs |
|
Subject: |
Re: [Duplicity-talk] Is s3+http encrypted during transmission? |
|
Date: |
Tue, 7 Feb 2012 09:58:45 -0500 |
On Feb 7, 2012, at 09:38, Ryan Chan wrote:
> This is a good point and I hope that need to be promoted.
>
> The reason is now S3 support server side encryption, and if the connection is
> encrypted by default, we actually can skip our local encryption process. (I
> know not for all the use cases, but sometimes this level of security is
> already enough..)
Actually the premise of duplicity is that the storage itself is unsafe. If you
protect the communication channel but not the end storage then there isn't much
point in encrypting at all. Encryption is an all or nothing type system. You
can argue that it is more likely that the communication to the S3 storage is
more likely to be intercepted than someone getting access to the S3 system
itself but the difference in probability is less than an order of magnitude not
many orders of magnitude.
Just use tar and rsync and forget duplicity.
-Scott