Re: [Evolution-hackers] Cache encryption



On Fri, 2011-03-04 at 12:59 +0000, David Woodhouse wrote:
> On Fri, 2011-03-04 at 07:49 -0500, Jeffrey Stedfast wrote:
> > Anyways, do you also plan on encrypting mbox/maildir files? Might make
> > sense... 
> 
> Missed that bit; overtrimming my citations. I probably wouldn't do this
> *myself* in the first round, but I'd hope that someone might add it
> soon, and I might accidentally get drunk one night and do it anyway.
> These things happen...

	Hi,
there might be an issue with sqlite3 databases, citing the comment (I
didn't check the actual code at all):
  #if SQLITE_HAS_CODEC
  /*
  ** Specify the key for an encrypted database.  This routine should be
  ** called right after sqlite3_open().
  **
  ** The code to implement this API is not available in the public
  ** release of SQLite.
  */

One other question, for camel "caches", what's the advantage to encrypt
provider's cache when you do not encrypt message itself, where is much
more data, actually the real complete email? I know this is meant for
things like imap (which has its own cache mechanism anyway), but you
might be able to do the same encryption for On This Computer storage and
*all* providers as well, because you always may want to download your
corporate messages to local store because of quota limitation (I recall
one user doing so).

So this might be rather "all or nothing", right? Otherwise security guys
will be pretty unhappy for partial "solution".
	Bye,
	Milan



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]