> > I think it would be helpful for you to write out your assumptions > > about threats. I am relatively unconcerned with people getting access > > to my tapes - they are locked up as well as the computers. > > They are locked up _today_. Do you know what will happen to them in a > couple of months/years? I remember at least two cases where big banks > have lost tapes with sensitive data on them and no one knows where the > tapes are or who have/had access to them. How do you know that this > will not happen to your tapes?
I just stumbled over yet an other (current) case of lost backup tapes with sensitive data on them: Look at http://www.heise.de/newsticker/meldung/67824 Since this page is in german, here's a short summary: Marriot Hotels has lost backups with address and creditcard data of 206000 customers. [ ... ] A couple of weeks ago the bank ABN Amro has lost a backup tape with data of 2 million credit users. > > Really, I am trying to ask you to think about keeping transport and > > storage encryption conceptually separate, even if you have a mechanism > > that does both without any bits on the server. The above examples show that having unencrypted backups is not really a good idea. So please think once more about it. The only sane way is the client-encrypted public-key method. -- No software patents in Europe -- http://nosoftwarepatents.com -- Josef Wolf -- [EMAIL PROTECTED] --
