On Tue, Nov 23, 2010 at 9:34 AM, <[email protected]> wrote: > Well, right now, we do ask a password if users want to encrypt the > client-layer or whatever that is we encrypt. So, the idea was to allow > that on a per-identity basis. If it's not possible/too complicated/not > useful, then yes, we can just go with the current master password, and > identities without any password.
I'm just not sure I see a concrete benefit to encrypting per-identity, and I see a lot of usability pit-falls. We have enough usability problems to worry about without creating new ones. Also, is it not possible to have a > system to backup passwords in-freenet? (of course, only if we agree > identity-based encryption is a plus) Well, there would need to be a separate recovery password, and then the original password simply becomes redundant from a security point of view. Ian. -- Ian Clarke CEO, SenseArray Email: [email protected] Ph: +1 512 422 3588
_______________________________________________ Devl mailing list [email protected] http://freenetproject.org/cgi-bin/mailman/listinfo/devl
