[Owncloud] Client Side encryption with OwnCloud

Arthur Schiwon blizzz at owncloud.com
Sat Oct 26 10:40:24 UTC 2013


On Sa, 2013-10-26 at 11:37 +0200, Michael Grosser wrote:
> On Fri, Oct 25, 2013 at 10:44 PM, Cornelius Schumacher
> <schumacher at kde.org> wrote:
> > On Friday 25 October 2013 Klaas Freitag wrote:
> >> On 25.10.2013 18:34, Cornelius Schumacher wrote:
> >> >
> >> > To me client-side encryption is the one big missing feature in ownCloud.
> >> > This would enable hosting it on an server you don't control, and still
> >> > have full ownership and control of your data.
> >>
> >> Well, you own the data on the server, but its useless there for you.
> >
> > It's only useless for any server-side processing, and that's the whole point.
> >
> >> So
> >> what is the use case of the entire ownCloud (filemanagement) then? Just
> >> a hub to synchronize from one device to the other?
> >
> > Yes, accessing the data from multiple clients. And that could well be web
> > clients as well. But the processing would be on the client, and not on the
> > server.
> Could be done via the client overlay or later on with a browserplugin,
> perhaps even a browser on a usb stick with your private key so you can
> launch it from a usb, when you need it and semitrust the computer... 

At least something that is signed and can checked and verified by the
users computer, JS alone won't do. Easy to compromise, especially if you
can do MITM on SSL.

Cheers
Arthur

> 
> >
> > Sharing with others becomes tricky, because it would mean some kind of
> > exchange of keys, but even that might be a solvable problem.
> True, but public keys of other users could be managed by the server
> and used for encrypting the shared file and reuploaded for the other
> user. A bit more complicated and bandwidth/resource intensive, but as
> you said solvable.
> >
> >> Actually yes, that's a feature. But I think we were hoping to make more
> >> out of ownCloud. And that made the idea slipping further down the
> >> priority list I think.
> >
> > More control, more privacy, more security, that's what I personally expect
> > from ownCloud. For just writing fancy web applications there are many other
> > projects which do a good job. Not saying that it's a bad thing to do it ;-)
> \o/
> >
> >> > Is it hard to implement such a feature? Hell yes. But that's part of the
> >> > fun and the value.
> >>
> >> Does that mean you're in? Great! :-D
> >
> > That's a trick question, right? Let me say for now I'm in as a supporter of
> > the idea ;-)
> >
> > --
> > Cornelius Schumacher <schumacher at kde.org>
> > _______________________________________________
> > Owncloud mailing list
> > Owncloud at kde.org
> > https://mail.kde.org/mailman/listinfo/owncloud
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud





More information about the Owncloud mailing list