On Wednesday 09 May 2007 03:00:12 SC-L Subscriber Dave Aronson wrote:
What happens when the user changes his password? I didn't quite follow it
all, but it looks to me like that means that all of a user's data has to be
decrypted and re-encrypted. You didn't tell us how much data that is, so
On Wednesday 09 May 2007 05:04:53 you wrote:
You go on to describe (I think) crypto operations that take place
completely on the client site. What is the relationship between the
encrypted data and server client-server communications?
For the purposes of this, there isn't. It was just to
On Wednesday 09 May 2007 02:11:05 ljknews wrote:
I would suggest two factor authentication, requiring some smart card
(with built-in keypad, to prevent intercept of the pin) that actually
provides the decryption. Make the user keep the smart card with them,
such as by requiring it for
At 12:01 PM +1200 5/10/07, Robin Sheat wrote:
Content-Type: multipart/signed; boundary=nextPart1622971.NJ1973Q3ia;
protocol=application/pgp-signature; micalg=pgp-sha1
Content-Transfer-Encoding: 7bit
On Wednesday 09 May 2007 02:11:05 ljknews wrote:
I would suggest two factor