On Wed, Mar 31, 2010 at 6:04 PM, Spencer E. Olson <[email protected]> wrote: > Pardon my intrusion into the discussion, but I've been following this with > mild interest and am wondering about the scope of what is proposed. > For example, if we just want to worry about encrypting so that a single user's > files are protected with a key held by that user (or the user's client), how > is this really different from, for instance, just using EncFS on top of AFS?
All the people who don't have FUSE should, I guess, run VMware? What about the platforms that don't support that either? > I currently do this with no problems and the admins, or anyone else for that > matter, certainly can only see gobble-dee-gook when they look at my files. > > If the scope of this effort is intended to be much broader than this, Like, say, the other N platforms.... > then it seems that the real issue really is in the (auto)magic management of > keys and > policies. Seems not. > I certainly agree with what has already been stated about the > clients doing any encryption necessary. It would, on the other hand, be > pretty cool if the key-management were implemented such that the user could > specify other users/groups that can have access to the encrypted data. Something like that seems like it could be added, but not until you have the basics. This project was proposed for that. Scope creep can be next year's GSoC, maybe? > I think someone already suggested something like this where the common > encryption key of the file contents is encrypted for each user with their own > public key (speaking in terms of PKI language). _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
