On Aug 19, 2009, at 1:58 PM, Tara Kelly wrote:
Saqib, I Think you did a pretty good job of explaining it actually.
HPH is a data privacy pattern, generally implemented via Ajax.
Various info here: http://google.com/search?q=host-proof+hosting
Passpack is based on HPH. We've also introduced some variations on
the theme, but they all have in common the fact that the data
reaches the server pre-encrypted, and without the keys. In the list
of results Google returns there's also a GPL/Mit library you can
play with if you're interested. We use HPH for passwords, but I
imagine there are plenty of other apps that could benefit from
handling at least some portion of their data this way.
Let me know if you have more questions. Happy to answer if I can.
Cheers,
Tara
Thanks for that!
Passpack looks quite interesting. I might just ditch KeePassX
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
