https://bugzilla.wikimedia.org/show_bug.cgi?id=68129
Giuseppe Lavagetto <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #4 from Giuseppe Lavagetto <[email protected]> --- Storing the keys server-side means that anyone with root access on that server can eavesdrop the communications. Given the level of protection needed in this case, the best "user-friendly" solution would be using a browser extension for managing and handling the private key and its encryption work. A good example of this approach is what mailvelope (https://www.mailvelope.com/) is doing. Having credible End-to-end encryption cannot happen on a vanilla browser, and has been debated over and over in the security community. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
