monotone-devel


Re: [Monotone-devel] netsync transport encryption?


From: Jeronimo Pellegrini
Subject: Re: [Monotone-devel] netsync transport encryption?
Date: Wed, 25 Oct 2006 06:02:30 -0300
User-agent: Mutt/1.5.13 (2006-08-11)

On Wed, Oct 25, 2006 at 11:53:33AM +1000, Daniel Carosone wrote:
> On Tue, Oct 24, 2006 at 08:07:32PM -0500, Timothy Brownawell wrote:
> > > VPN - extra overhead and installation can be clumsy.
> > 
> > Yeah, but if your code is secret enough that you're worried about people
> > using packet sniffing to get at deltas (not even complete files), then
> > you probably already *have* a VPN set up to redirect everything you do
> > through the corporate firewall anyway...
> 
> *And* you better have disk encryption for your database and
> workspaces,

If you store the database in a server that you don't trust (or that you
think people may break into), then not even disk encryption helps much,
since your passwords need to show up in RAM eventually for the server
to be useful. That was why I started Apso. Encrypt everything locally
with a shared key, and distribute keys using a PGP-like PKI, using
the VC system itself.

But if the server is trusted, disk encryption is fine. (Personally, if
it is something really secret, I wouldn't trust any datacenter to handle
my server except if their sysadmins could have access to my content or to
the keys used to encrypt it).

As I used to hear from someone, "it all depends on your degree of
paranoia..."

J.




