Again, thank you very much for the explanation. Now that I understand the system a little bit I would like to come back to my initial question:
I assume all encryption and decryption is processed either in the client or in the gateway (beside of transport encryption, e.g. TLS). This is a good choice and Tahoe's developers seem to be very sensible to make a secure architecture. Still the solution may not be trustworthy enough for very sensible information (depending on the user and her requirements). I see two promising options to mitigate such doubts: A) increase the key length (e.g. AES-265) or allow the choice between more algorithms and key lengths in general (user configured). B) use a kind of (hardware) token. For my understanding the latter one would need to be installed at the gateway. Are there any ideas or plans regarding increased key length, more algorithms or the usage of smart cards? Stefan _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
