Re: [SC-L] Best practices for encrypting client-side data

2007-05-09 Thread Blue Boar
Robin Sheat wrote: Basically, I needed to encrypt the on-disk format of some data that is accessed as a seekable file (it's actually a Lucene index, but the details aren't too relevant). The use case for this is to ensure the data is kept private, even if the disk or computer the data is on

Re: [SC-L] Best practices for encrypting client-side data

2007-05-09 Thread SC-L Subscriber Dave Aronson
Robin Sheat [mailto:[EMAIL PROTECTED] wonders: What I did was take the user's password to create a key What happens when the user changes his password? I didn't quite follow it all, but it looks to me like that means that all of a user's data has to be decrypted and re-encrypted. You