[Owncloud] Client Side encryption with OwnCloud

Michael Grosser owncloud at seetheprogress.net
Sat Oct 26 10:42:46 UTC 2013


On Sat, Oct 26, 2013 at 12:40 PM, Arthur Schiwon <blizzz at owncloud.com> wrote:
> On Sa, 2013-10-26 at 11:37 +0200, Michael Grosser wrote:
>> On Fri, Oct 25, 2013 at 10:44 PM, Cornelius Schumacher
>> <schumacher at kde.org> wrote:
>> > On Friday 25 October 2013 Klaas Freitag wrote:
>> >> On 25.10.2013 18:34, Cornelius Schumacher wrote:
>> >> >
>> >> > To me client-side encryption is the one big missing feature in ownCloud.
>> >> > This would enable hosting it on an server you don't control, and still
>> >> > have full ownership and control of your data.
>> >>
>> >> Well, you own the data on the server, but its useless there for you.
>> >
>> > It's only useless for any server-side processing, and that's the whole point.
>> >
>> >> So
>> >> what is the use case of the entire ownCloud (filemanagement) then? Just
>> >> a hub to synchronize from one device to the other?
>> >
>> > Yes, accessing the data from multiple clients. And that could well be web
>> > clients as well. But the processing would be on the client, and not on the
>> > server.
>> Could be done via the client overlay or later on with a browserplugin,
>> perhaps even a browser on a usb stick with your private key so you can
>> launch it from a usb, when you need it and semitrust the computer...
>
> At least something that is signed and can checked and verified by the
> users computer, JS alone won't do. Easy to compromise, especially if you
> can do MITM on SSL.
Yeah that's where the plugin comes in, checkable download, with
delivery of local js.
>
> Cheers
> Arthur
>
>>
>> >
>> > Sharing with others becomes tricky, because it would mean some kind of
>> > exchange of keys, but even that might be a solvable problem.
>> True, but public keys of other users could be managed by the server
>> and used for encrypting the shared file and reuploaded for the other
>> user. A bit more complicated and bandwidth/resource intensive, but as
>> you said solvable.
>> >
>> >> Actually yes, that's a feature. But I think we were hoping to make more
>> >> out of ownCloud. And that made the idea slipping further down the
>> >> priority list I think.
>> >
>> > More control, more privacy, more security, that's what I personally expect
>> > from ownCloud. For just writing fancy web applications there are many other
>> > projects which do a good job. Not saying that it's a bad thing to do it ;-)
>> \o/
>> >
>> >> > Is it hard to implement such a feature? Hell yes. But that's part of the
>> >> > fun and the value.
>> >>
>> >> Does that mean you're in? Great! :-D
>> >
>> > That's a trick question, right? Let me say for now I'm in as a supporter of
>> > the idea ;-)
>> >
>> > --
>> > Cornelius Schumacher <schumacher at kde.org>
>> > _______________________________________________
>> > Owncloud mailing list
>> > Owncloud at kde.org
>> > https://mail.kde.org/mailman/listinfo/owncloud
>> _______________________________________________
>> Owncloud mailing list
>> Owncloud at kde.org
>> https://mail.kde.org/mailman/listinfo/owncloud
>
>
> _______________________________________________
> Owncloud mailing list
> Owncloud at kde.org
> https://mail.kde.org/mailman/listinfo/owncloud



More information about the Owncloud mailing list