[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-recutils] Feature Request: Confidential Fields
From: |
Jose E. Marchesi |
Subject: |
Re: [bug-recutils] Feature Request: Confidential Fields |
Date: |
Thu, 25 Aug 2011 11:02:58 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.0.50 (gnu/linux) |
Hi Sven.
Here is my idea:
A field which holds a hashed password or maybe a list of hashed passwords:
[...]
A type to flag fields as 'confidential':
Sounds like an useful facility. I like the idea, but I would use a
different way to mark fields as confidential:
%rec: Customer
%password: HASHEDPASSWORD
%type: Phone re /[0-9]{8}/
%confidential: Phone
This way, introducing a new %confidential special field, Phone can still
have a type. The hash in %password is used for all confidential fields
in the given record set.
Another issue is which encryption/decryption algorithm to use, and which
algorithm to use to generate the passwords. I was thinking on applying
something similar to what is used in PDF files: symetric AES
encryption. But I am not an expert in that field.
2) Insertion should be done via recins
and then stored as encrypted text.
This way, entries can be done
without knowing the password
Only getting the data needs a password.
How that would work? We would need to distribute the encryption key in
the recfile, somehow, right?
3) If insertions is done via a text editor,
recfix could encrypt it afterwards.
How would recfix recognize non-encrypted values?
--
Jose E. Marchesi address@hidden
GNU Project http://www.gnu.org