Re: [Evolution-hackers] Cache encryption

From: David Woodhouse <dwmw2 infradead org>
To: Matthew Barnes <mbarnes redhat com>
Cc: evolution-hackers gnome org
Subject: Re: [Evolution-hackers] Cache encryption
Date: Fri, 04 Mar 2011 11:55:32 +0000

On Fri, 2011-03-04 at 06:50 -0500, Matthew Barnes wrote:
> On Fri, 2011-03-04 at 11:40 +0000, David Woodhouse wrote:
> > I'm working on "Enterprise" use of Evolution, and one of the big
> > requirements is encryption of data at rest. The answer "just encrypt the
> > whole of the user's home directory" only puts them off for so long.
> 
> Can you go into more detail about why it's needed?  Would help me to
> better understand the use cases.

Mostly corporate paranoia. If your phone/tablet/laptop is stolen, the
data on it should not be stored in clear text. That would let the thief
read all your ultra-secret memo-list mails.

On mobile devices, this often translates in practice to a policy of "if
you don't encrypt data at rest, you aren't allowed access to the data in
the first place".

This requirement is what leads to such abominations as "Good Mobile
Messaging", where the native email/calendar client on the iPhone isn't
considered secure enough, so people are forced to use a crappy
third-party alternative which *does* do the necessary encryption.

Obviously, the encryption would be *optional*, and enabled per-account.
I wouldn't want to force it on everyone by default.

-- 
dwmw2

Follow-Ups:
- Re: [Evolution-hackers] Cache encryption
  - From: Matthew Barnes

References:
- [Evolution-hackers] Cache encryption
  - From: David Woodhouse
- Re: [Evolution-hackers] Cache encryption
  - From: Matthew Barnes

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]