couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ryan Ramage <ryan.ram...@gmail.com>
Subject Re: Encrypting attachments
Date Tue, 12 Apr 2011 20:03:05 GMT
I think Benoit is talking about a middle layer. Like node.js or an app server.

If you are doing a thin couchapp style, then yes it's harder. You
could use a javascript encryption lib on the client.

Although, I could see value of having it handled as a "couch plugin"
to the attachment system.


On Tue, Apr 12, 2011 at 1:51 PM, Travis Jensen <travis.jensen@gmail.com> wrote:
> On Apr 12, 2011, at 11:41 AM, Benoit Chesneau <bchesneau@gmail.com> wrote:
>
>> On Tue, Apr 12, 2011 at 7:33 PM, Travis Jensen <travis.jensen@gmail.com> wrote:
>>> If I wanted to encrypt all attachments, where would I go about hooking
>>> in to couch? I'm guessing I would have to replace the current
>>> attachment handler, right?
>>>
>>> I haven't started digging on this; I thought it might be useful to get
>>> some feedback first.
>>>
>>> Thanks
>>>
>>> Tj
>>>
>>> -
>>> Travis Jensen
>>>
>>
>> for better security I would encode them at the client level so the
>> server isn't aware of the decryption key or anything.
>>
>> - benoƮt
>
> While I totally agree with you, it isn't really practical for
> web-based applications.
>
> Tj
>
> -
> Travis Jensen
>

Mime
View raw message