[Pkg-owncloud-maintainers] Bug#785052: Encryption

Soren Stoutner soren at stoutner.com
Wed Nov 11 04:17:50 UTC 2015 

David

On Tuesday, November 10, 2015 08:24:15 PM David Prévot wrote:
> The migration process will anyway need to decrypt and encrypt
> everything, whether that’s done during the package upgrade process, or
> by the admin later (meaning that the encrypted data will be unavailable
> until then, and that might even get worse if some data get uploaded in
> the mean time).

The official blog post about the new encryption specifies that old files will not be 
decrypted and reencrypted during migration.  Indeed, that was one of the stated design 
goals.

"For compatibility reasons we used the same encryption algorithm (4096-bit strong key-
pairs for the users’ private and public key and the files key are encrypted with AES-256 
by default). We needed to change the location of the keys, but the upgrade process will 
take care of it. "

"Encryption 2.0 only deals with new files. This means that it won’t encrypt unencrypted 
files after being enabled, nor will it re-encrypt files during the upgrade to ownCloud 8.1. 
Not being able to re-encrypting old files is not a problem as the encryption is 
compatible with the earlier used algorithm. If you enable an encryption app with a 
different algorithm, ownCloud will pick the right app for the right file, ensuring that new 
or modified files use the new algorithm while keeping the old files accessible"

"A future ownCloud release is planned to introduce the ability to re-encrypt, decrypt or 
encrypt all files to the ownCloud command line tool."

https://owncloud.org/blog/encryption-2-0-in-owncloud-server-8-1/[1] 

-- 
Soren Stoutner
soren at stoutner.com
623-262-6169

--------
[1] "Encryption 2.0 only deals with new files. This means that it won’t encrypt 
unencrypted files after being enabled, nor will it re-encrypt files during the upgrade to 
ownCloud 8.1. Not being able to re-encrypting old files is not a problem as the 
encryption is compatible with the earlier used algorithm. If you enable an encryption app 
with a different algorithm, ownCloud will pick the right app for the right file, ensuring 
that new or modified files use the new algorithm while keeping the old files accessible"

"A future ownCloud release is planned to introduce the ability to re-encrypt, decrypt or 
encrypt all files to the ownCloud command line tool."

https://owncloud.org/blog/encryption-2-0-in-owncloud-server-8-1/ 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-owncloud-maintainers/attachments/20151110/7345cbb0/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-owncloud-maintainers/attachments/20151110/7345cbb0/attachment-0001.sig>

More information about the Pkg-owncloud-maintainers mailing list