bug-recutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [bug-recutils] Feature Request: Confidential Fields


From: Jose E. Marchesi
Subject: Re: [bug-recutils] Feature Request: Confidential Fields
Date: Thu, 25 Aug 2011 11:02:58 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.0.50 (gnu/linux)

Hi Sven.
    
    Here is my idea:
    A field which holds a hashed password or maybe a list of hashed passwords:
    [...]    
    A type to flag fields as 'confidential':

Sounds like an useful facility.  I like the idea, but I would use a
different way to mark fields as confidential:

%rec: Customer
%password: HASHEDPASSWORD
%type: Phone re /[0-9]{8}/
%confidential: Phone

This way, introducing a new %confidential special field, Phone can still
have a type.  The hash in %password is used for all confidential fields
in the given record set.

Another issue is which encryption/decryption algorithm to use, and which
algorithm to use to generate the passwords.  I was thinking on applying
something similar to what is used in PDF files: symetric AES
encryption.  But I am not an expert in that field.

    2) Insertion should be done via recins
       and then stored as encrypted text.
    
       This way, entries can be done
       without knowing the password
    
       Only getting the data needs a password.

How that would work?  We would need to distribute the encryption key in
the recfile, somehow, right?
    
    3) If insertions is done via a text editor,
       recfix could encrypt it afterwards.

How would recfix recognize non-encrypted values?

-- 
Jose E. Marchesi    address@hidden
GNU Project         http://www.gnu.org



reply via email to

[Prev in Thread] Current Thread [Next in Thread]