Store information encrypted #13

Closed
opened 2017-10-27 12:31:24 +00:00 by jonas · 5 comments

When dealing with personal data, as if often the case for signups, it would sometimes be useful to be able to store this in an encrypted form, perhaps by GPG encrypting relevant entries to a setup of recipient keys.

When dealing with personal data, as if often the case for signups, it would sometimes be useful to be able to store this in an encrypted form, perhaps by GPG encrypting relevant entries to a setup of recipient keys.
max.mehl added the
prio:high
label 2018-09-27 13:19:14 +00:00
Owner

This is a hot topic as encrypted storage is indeed useful. But we include this data during the generation of publiccode.eu for example, so its container would have to be able to decrypt the data.

One rather complicated way to circumvent symmetric encryption or locally stored GPG private keys would be to generate a second database with striped data. So all data which is not displayed publicly will be censored and saved in clear text while the one containing sensitive or non-public data will be encrypted.

This is a hot topic as encrypted storage is indeed useful. But we include this data during the generation of publiccode.eu for example, so its container would have to be able to decrypt the data. One rather complicated way to circumvent symmetric encryption or locally stored GPG private keys would be to generate a second database with striped data. So all data which is not displayed publicly will be censored and saved in clear text while the one containing sensitive or non-public data will be encrypted.
Owner

I would like to question this issue, and especially the prio:high label. If data is used somewhere, it must be accessible, and if it is not used, we should not store it to start with.

I would like to question this issue, and especially the prio:high label. If data is used somewhere, it must be accessible, and if it is not used, we should not store it to start with.
Owner

True, I think the same. It would also be complicated for the publiccode.eu website to access this data.

Will remove the high prio. Thanks for raising the issue!

True, I think the same. It would also be complicated for the publiccode.eu website to access this data. Will remove the high prio. Thanks for raising the issue!
max.mehl added
enhancement
and removed
prio:high
labels 2019-03-28 11:41:26 +00:00
Owner

Related to #25, I suggest to close this issue.

Related to #25, I suggest to close this issue.
Owner

I agree, thanks for flagging

I agree, thanks for flagging
Sign in to join this conversation.
No Milestone
No Assignees
3 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: fsfe-system-hackers/forms#13
No description provided.