
Encryption

leamas edited this page Sep 30, 2010 · 11 revisions

This page is meant to sum up the discussion so far

Public-private key

To encrypt posts (and files) efficiently for groups (aspects), the following scheme is applied:

  1. a random key (RK) is generated
  2. the post is encrypted with the random key: enc(RK, msg)
  3. for each recipient Rn, RK is encrypted with their public key: enc(pub(Rn), RK)
  4. the encrypted key is sent to each recipient

If a friend is added to the group, RK is encrypted once more, with that friend's public key. If a friend is removed from a group, we don't generate a new RK to re-encrypt everything.
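The scheme above as a runnable sketch, added here as an example and not taken from the project's code. AES-256-GCM for enc(RK, msg), RSA-OAEP for enc(pub(Rn), RK), and all function and recipient names are assumptions; the page names no algorithms.

```ruby
require "openssl"

# Steps 1-2: generate a random key RK and compute enc(RK, msg).
# AES-256-GCM is an assumption; the page does not name a cipher.
def encrypt_post(msg)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  rk = cipher.random_key
  iv = cipher.random_iv
  cipher.auth_data = ""
  ct = cipher.update(msg) + cipher.final
  [rk, { iv: iv, ct: ct, tag: cipher.auth_tag, keys: {} }]
end

# Step 3: enc(pub(Rn), RK) for one recipient (RSA-OAEP is an assumption).
# Adding a friend later is the same call; the post ciphertext is untouched.
def wrap_key(rk, public_key)
  public_key.public_encrypt(rk, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
end

# Recipient side: recover RK from the wrapped key received in step 4.
def unwrap_key(wrapped, private_key)
  private_key.private_decrypt(wrapped, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
end

# Decrypt the post with RK; raises OpenSSL::Cipher::CipherError if tampered.
def decrypt_post(post, rk)
  d = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  d.key = rk
  d.iv = post[:iv]
  d.auth_tag = post[:tag]
  d.auth_data = ""
  d.update(post[:ct]) + d.final
end

if __FILE__ == $0
  # Constructed sample: two recipients with freshly generated RSA keys.
  alice, bob = Array.new(2) { OpenSSL::PKey::RSA.new(2048) }
  rk, post = encrypt_post("hello aspect")
  post[:keys]["alice"] = wrap_key(rk, alice.public_key)
  post[:keys]["bob"] = wrap_key(rk, bob.public_key)    # friend added: one more wrap
  bobs_rk = unwrap_key(post[:keys].delete("bob"), bob) # friend removed: entry dropped
  # RK was not rotated, so the copy bob unwrapped earlier still decrypts the post.
  puts decrypt_post(post, bobs_rk)
end
```

Because RK is not regenerated on removal, dropping a recipient's wrapped key only stops future key delivery; posts already encrypted under that RK remain readable to anyone who unwrapped it before.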

SSL

Encrypt the connection between servers...

Leamas: According to the Security-Architecture-Proposal, SSL should not be needed between servers. OTOH, it is needed in the pod/browser interface. Or am I missing something?

see also:

Security-Architecture-Proposal
