https://bugzilla.wikimedia.org/show_bug.cgi?id=68129
--- Comment #5 from Chris Steipp <[email protected]> --- Storing the private key on the server does seem to defeat the purpose of encrypting the results, unless that key is itself encrypted, or stored somewhere that has extra controls. From what I can understand of the flow, if you want to keep it how you have it, you could probably encrypt the private key with a new random password, and then email the password to the users who are supposed to use it. A safer option is to have the private-key users actually do the key generation, and then add only the public key to the poll before it starts. That prevents attacks on getting the private key, and attacks on the key generation process. -- You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug. _______________________________________________ Wikibugs-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
