[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0
From: |
Brian May |
Subject: |
Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0 |
Date: |
Thu, 01 Jan 2004 08:30:24 +1100 |
User-agent: |
Gnus/5.1002 (Gnus v5.10.2) Emacs/21.3 (gnu/linux) |
>>>>> "Tom" == Tom Lord <address@hidden> writes:
Tom> The only argument against I see left is that while encryption
Tom> of changesets, import copies, CONTINUATION files, log
Tom> messages, archive-cached revisions and (perhaps) checksum
Tom> files is easy -- encryption of category, branch, version, and
Tom> revision _names_ is not. That's why wonder if a VPN isn't a
Tom> better solution.
With vpn/sftp, if somebody breaks into the server, they get to read
access to everything.
With this method, if somebody breaks into the server, all they get
access to are the encrypted files. The server doesn't even need the
key to decrypt them. In fact, the server, doesn't even need the key to
encrypt them (a possible aid in attacking the public key encryption
scheme).
Of course, the counter argument is that if somebody breaks into *one*
of the client machines, you will (potentially) be able to access
everything anyway, this hasn't changed. However, at least the server
is better protected. Depending on the application, the server could be
the machine most at risk anyway.
If you needed to use this method, I think you would only allow a very
limited number of clients access (as the more clients have access, the
more likely one of them will deliberately/accidently leak the
information).
--
Brian May <address@hidden>
- Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0, (continued)
- Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0, Florian Weimer, 2003/12/31
- Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0, Andrew Suffield, 2003/12/31
- Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0, Florian Weimer, 2003/12/31
- Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0, Tom Lord, 2003/12/31
- Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0, Andrew Suffield, 2003/12/31
- Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0, Tom Lord, 2003/12/31
- Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0,
Brian May <=
- Re: [Gnu-arch-users] oh the heck with it -- tla-1.2pre0, Tom Lord, 2003/12/31