On Tue, Nov 23, 2010 at 9:34 AM, <cvollet at gmail.com> wrote: > Well, right now, we do ask a password if users want to encrypt the > client-layer or whatever that is we encrypt. So, the idea was to allow > that on a per-identity basis. If it's not possible/too complicated/not > useful, then yes, we can just go with the current master password, and > identities without any password.
I'm just not sure I see a concrete benefit to encrypting per-identity, and I see a lot of usability pit-falls. We have enough usability problems to worry about without creating new ones. Also, is it not possible to have a > system to backup passwords in-freenet? (of course, only if we agree > identity-based encryption is a plus) Well, there would need to be a separate recovery password, and then the original password simply becomes redundant from a security point of view. Ian. -- Ian Clarke CEO, SenseArray Email: ian at sensearray.com Ph: +1 512 422 3588 -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20101123/6e4b526a/attachment.html>
