>
> The relevant point here is that if you don't trust the machine
> administrator you can't trust anything on it including any means
> that you might use to supply an encryption key. Wherever the
> server runs it must have access to unencrypted data and that can't
> happen on a machine you don't trust. There probably are ways to
> have encrypted storage, mounted only by a machine you control and
> trust where you run the server, but then you lose any intelligence
> on this network traffic since it will be treated like raw
> filesystem storage. It seems like there should be a way to do this
> with vmware but a sufficiently determined administrator of the
> physical host could probably intercept your passphrase/key exchange
> there too - and you'd need another IP address for the VM running
> the server.
>
> --
> Les Mikesell
> lesmikesell@gmail.com
. . .again, I go back to my car analogy: Do you leave your car
unlocked just because you park it in a "safe place"? Likely not;
you likely take every reasonable precaution to protect it (e.g.
locking it, and arming any alarm you may have). Now, I'm not
suggesting placing this behind 4 feet of tempered steel with 24 hour
armed guard. What I *am* suggesting is a simple encryption scheme to
add a bit more security. And, as I said, with Cryptlib, I don't see
this being a major problem.
At this point, I'm simply looking for some implementation insights.
Thanks.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Jun 20 18:05:52 2007