[Evolution-hackers] Cache encryption

[David Woodhouse <dwmw2 infradead org>]

I'm working on "Enterprise" use of Evolution, and one of the big
requirements is encryption of data at rest. The answer "just encrypt the
whole of the user's home directory" only puts them off for so long.

So I'm looking at implementing this directly in camel-data-cache,
e-cal-backend-cache, etc.

I'll probably do the encryption with a randomly-generated key, which
itself is stored locally, encrypted with a password. 

That way, changing the password doesn't involve re-encrypting the whole
of the store; you only need to re-encrypt the master key. It also means
that we can tie the password for the cache to the password for the
server; entering one will allow access to both.

Hopefully, the changes required to code that *uses* the cache
functionality should be fairly limited. Mostly it should be handled by
extra arguments to camel_data_cache_new(), e_cal_backend_cache_new(),
camel_db_open() and similar functions.

I'm hoping that it's reasonable to declare that *filenames* are not
sensitive, and that we only need to encrypt the *contents* of files.
Does that seem fair?

Any other comments on the approach?

-- 
David Woodhouse                            Open Source Technology Centre
David Woodhouse intel com                              Intel Corporation