Hi,
What are chances that viewing of PKCS#7 encrypted messages will be seen
in browsers. This functionality is missing in NC4.7 and 6.0 AFAIK. What
this possibility would be handy?
Given this thing I could store documents on server encrypted with clients
certificates of persons who should be allowed to see unencrypted
contents. When browser gets such file it could see that ther is client
cert which allows decryption of such file, decrypts and shows to user.
That way neither system manager not intruder who obtains direct access
to files on disk would be unable to read contents. This would add one
extra level of data security.
If you will consider this feature, please also think about complement -
encrypting (signing is present in NC4.7) of data provided in html form
to be readable only to set (provided by form, optionally editable in UI)
of holders of client certs. This could be used for creation of PKCS#7
encrypted messages what I spoke about at the start of this message.
Thanks in advance.
--
Aidas Kasparas
UNIX administrator
AB Lifosa
