couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Zedeler <mich...@zedeler.dk>
Subject Re: Encrypting attachments
Date Wed, 13 Apr 2011 07:15:03 GMT
On 2011-04-12 21:51, Travis Jensen wrote:
> On Apr 12, 2011, at 11:41 AM, Benoit Chesneau<bchesneau@gmail.com>  wrote:
>> On Tue, Apr 12, 2011 at 7:33 PM, Travis Jensen<travis.jensen@gmail.com>  wrote:
>>> If I wanted to encrypt all attachments, where would I go about hooking
>>> in to couch? I'm guessing I would have to replace the current
>>> attachment handler, right?
>>>
>>> I haven't started digging on this; I thought it might be useful to get
>>> some feedback first.
>> for better security I would encode them at the client level so the
>> server isn't aware of the decryption key or anything.
> While I totally agree with you, it isn't really practical for
> web-based applications.
What is the gain of having encrypted attachments if the key is available 
on the server?

Michael.


Mime
View raw message