The simplest solution in my opinion is to add one functionality to the sync client. Having one encrypted/secure folder, which gets synced additionally to the usual folders a user wants. All files in the encrypted/secured folder will be encrypted/decrypted before the sync client uses them. So compatibility won't change really.
secure/* -> encryption -> owncloud/secure/*-encrypted (your layer of de-/encrypting) owncloud/* -> sync-client -> server (usual sync-client functionality) This way you don't interfere with the sync functionality or the webinterface behaviour. For the actual encryption I would prefer gpg/pgp like asynchronous libs (do not try to reinvent encryption). Cheers Michael (scalbility-junk) On Fri, Oct 25, 2013 at 5:00 PM, Paul Greindl <[email protected]> wrote: > Hi Klaas! > > We would try make client side encryption available for each individual file, > making it possible to encrypt the files you want while preserving ownClouds > web functionality. Then we of course need to be clear about how to use it > and what the encryption feature encrypts. But I think it's the best solution > for owncloud and leaves the freedom to decide to the user. I don't think > that the lack of web interface support for those encrypted files would be a > problem for those seeking maximum security, at least if we are clear about > it from the beginning. > > Thanks for your input! > > Paul > > > > On 2013-10-25 16:41, Klaas Freitag wrote: >> >> On 25.10.2013 16:16, Paul Greindl wrote: >>> >>> Hi! >>> >>> That was what I was talking about, we are going to implement it. >>> Regarding the value, in our project it actually was a quite often >>> requested feature and I personally find it important, too! As I >>> mentioned, not all users have the possibility to host their own server. >>> That's why we decided to focus on encryption. It's all about security! >>> >>> What we need is the opinion of the ownCloud and sync app developers as I >>> guess they have been thinking about how they would like such a feature >>> to be implemented. Also we could check how seafile implemented their >>> client side encryption. >> >> Well, you would encrypt every file before you upload it with a local key. >> Sounds simple, is probably doable for small files, becomes tricky for larger >> files. You must permit uploads through the web interface and webdav. >> >> I think it does not make too much sense because you loose almost all >> features of the ownCloud web interface, such as viewing files, music etc. >> >> Klaas >> >>> >>> >>> On 2013-10-25 15:47, Bernhard Posselt wrote: >>>> >>>> Iirc The general opinion was that we focus more on bug fixing than on >>>> features that are very likely to come with tons of bugs, are hard and >>>> time intensive to implement and add little value to the overall user >>>> experience >>>> >>>> Chris <[email protected]> schrieb: >>>> >>>>> Hi, >>>>> >>>>> there are some discussion about client-side encryption available at the >>>>> bugtrackers: >>>>> >>>>> https://github.com/owncloud/core/issues/106 >>>>> https://github.com/owncloud/mirall/issues/275 >>>>> >>>>> but i don't know if there are any real plans for client-side >>>>> encryption at >>>>> the moment. >>>>> >>>>> >>>>> >>>>> -- >>>>> View this message in context: >>>>> >>>>> http://owncloud.10557.n7.nabble.com/Client-Side-encryption-with-OwnCloud-tp11109p11110.html >>>>> >>>>> Sent from the ownCloud mailing list archive at Nabble.com. >>>>> _______________________________________________ >>>>> Owncloud mailing list >>>>> [email protected] >>>>> https://mail.kde.org/mailman/listinfo/owncloud >>>> >>>> _______________________________________________ >>>> Owncloud mailing list >>>> [email protected] >>>> https://mail.kde.org/mailman/listinfo/owncloud >>> >>> >>> _______________________________________________ >>> Owncloud mailing list >>> [email protected] >>> https://mail.kde.org/mailman/listinfo/owncloud >> >> >> _______________________________________________ >> Owncloud mailing list >> [email protected] >> https://mail.kde.org/mailman/listinfo/owncloud > > > _______________________________________________ > Owncloud mailing list > [email protected] > https://mail.kde.org/mailman/listinfo/owncloud _______________________________________________ Owncloud mailing list [email protected] https://mail.kde.org/mailman/listinfo/owncloud
