On 8/3/11 1:46 PM, Stephen Gallagher wrote:
> Well, there exist central storage approaches that don't allow even the
> local admin access to the data. The trade-off of course is that they
> can't reinstate your access if you forget the password. In other
> words, you can set a password that is used as a symmetric key for
> encrypting your data in the central store. It's still central and can
> be retrieved from anywhere, but only you know how to read it. 

You still seem to be missing the relevance of unscrupulous
administrators and compromised systems to "man in the middle" any
interactions you have with this system.  Unless you never access the
data yourself once the unscrupulous admin or attacker has gained access,
then such a person can pretty easily intercept your password and get at
your data.


<<attachment: ijstokes.vcf>>

Freeipa-users mailing list

Reply via email to