On 2011-04-12 21:51, Travis Jensen wrote:
On Apr 12, 2011, at 11:41 AM, Benoit Chesneau<[email protected]> wrote:
On Tue, Apr 12, 2011 at 7:33 PM, Travis Jensen<[email protected]> wrote:
If I wanted to encrypt all attachments, where would I go about hooking
in to couch? I'm guessing I would have to replace the current
attachment handler, right?
I haven't started digging on this; I thought it might be useful to get
some feedback first.
for better security I would encode them at the client level so the
server isn't aware of the decryption key or anything.
While I totally agree with you, it isn't really practical for
web-based applications.
What is the gain of having encrypted attachments if the key is available
on the server?
Michael.
