[ILUG] Question on an encryption system (using OSS)
Braun Brelin
bbrelin at gmail.com
Tue Sep 13 13:07:23 IST 2005
One issue I'm not clear on is the encrypted file itself. In order for me to
be able to distribute
the file via P2P to multiple people, i can't have a system where each
users's encrypted file is different, otherwise the P2P model doesn't work
for distribution. so, i need a method whereby
the encrypted file is the same, but the users keys are different...
Braun
On 9/13/05, Conor Daly <conor.daly_ilug at cod.homelinux.org> wrote:
>
> On Tue, Sep 13, 2005 at 12:15:21PM +0100 or so it is rumoured hereabouts,
> Proinnsias Breathnach thought:
> >
> > I'd be leaning towards some flavour of gpg encrypted/signed call-home
> > registration method. Registration script to encrypt to your public
> > release-key a message which is signed by the users' key. To which the
> > server replies with a decrypt-key encrypted to the user-key. The script
> > would only store the decrypt-key in memory, avoiding most of the vectors
> > for its getting out into the wild.
>
> This method limits unpacking of your tarball to those machines that can
> access your server. If your server disappears, they cannot get at the
> tarball ever. You'd need to provide the means to get at the tarball on a
> standalone machine.
>
> Conor
> --
> Conor Daly <conor.daly at oceanfree.net>
>
> Domestic Sysadmin :-)
> ---------------------
> Hobbiton.cod.ie <http://Hobbiton.cod.ie>
> 12:27:38 up 29 days, 20:19, 2 users, load average: 0.18, 0.11, 0.03
> --
> Irish Linux Users' Group
> http://www.linux.ie/mailman/listinfo/ilug/
>
>
More information about the ILUG
mailing list