path: root/tickets/e438054ed0074cc2b9c85554d2504b38/Maildir/new/1499068206.M188946P16925Q1.koom
blob: ca8696ab44cedca81ab3ea381b8fce044068df04 (plain)
Return-Path: <obnam-dev-bounces@obnam.org>
X-Original-To: distix@pieni.net
Delivered-To: distix@pieni.net
Received: from yaffle.pepperfish.net (yaffle.pepperfish.net [88.99.213.221])
	by pieni.net (Postfix) with ESMTPS id 3533944667
	for <distix@pieni.net>; Mon,  3 Jul 2017 07:48:57 +0000 (UTC)
Received: from platypus.pepperfish.net (unknown [10.112.101.20])
	by yaffle.pepperfish.net (Postfix) with ESMTP id E317941CB0;
	Mon,  3 Jul 2017 08:48:56 +0100 (BST)
Received: from ip6-localhost.nat ([::1] helo=platypus.pepperfish.net)
	by platypus.pepperfish.net with esmtp (Exim 4.80 #2 (Debian))
	id 1dRw6K-0006KZ-TD; Mon, 03 Jul 2017 08:48:56 +0100
Received: from [10.112.101.21] (helo=inmail2.pepperfish.net)
 by platypus.pepperfish.net with esmtps (Exim 4.80 #2 (Debian))
 id 1dRw6J-0006KJ-Oe
 for <obnam-dev@obnam.org>; Mon, 03 Jul 2017 08:48:55 +0100
Received: from palant.de ([88.198.212.187])
 by inmail2.pepperfish.net with esmtps
 (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.89)
 (envelope-from <wladimir@palant.de>) id 1dRw6I-0004XF-6M
 for obnam-dev@obnam.org; Mon, 03 Jul 2017 08:48:55 +0100
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=palant.de; 
 s=dkim201610;
 h=Sender:Content-Transfer-Encoding:Content-Type:In-Reply-To:
 MIME-Version:Date:Message-ID:From:References:Cc:To:Subject;
 bh=5kIig9Lgimvik+7aDCwa+8S1dQQicZbc/GVYcVWnHFQ=; b=vkXkGO3fRxS+52kdFmkKIxIbFM
 UaJ5m/wI/k305DQDUVaM0gW6JAoFFv269HXOHszmmL7OhEuLGGm+5B0R8mz8WEjgSSYIVQi+ycXDZ
 3FtZKsLxmxgpBYo/bXVdhHPGu5fk+466qqaDgVQj9JKoaCtyrxm1gsGcKeiNjPAZ6KTg=;
To: Lars Wirzenius <liw@liw.fi>
References: <2d0a8c01-9f58-1ee7-7e20-53fe65d96718@palant.de>
 <20170703050540.p5co243yxedvsaca@liw.fi>
From: Wladimir Palant <gtiobnam@palant.de>
Message-ID: <23949c28-f4b0-04bb-d4b8-c6569c94820b@palant.de>
Date: Mon, 3 Jul 2017 09:48:45 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.1.1
MIME-Version: 1.0
In-Reply-To: <20170703050540.p5co243yxedvsaca@liw.fi>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
X-Pepperfish-Transaction: 77be-bdaa-a662-de06
X-Spam-Score: -3.1
X-Spam-Score-int: -30
X-Spam-Bar: ---
X-Scanned-By: pepperfish.net, Mon, 03 Jul 2017 08:48:55 +0100
X-Spam-Report: Content analysis details: (-3.1 points)
 pts rule name              description
 ---- ---------------------- --------------------------------------------------
 0.4 PPF_WINDOWS_CHARSET    Content-Type is in a Windows-* charset
 -0.5 PPF_USER_AGENT         User-Agent: exists
 -1.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain
 -1.9 BAYES_00               BODY: Bayes spam probability is 0 to 1%
 [score: 0.0000]
 -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
 0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
 not necessarily valid
 -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
 domain
X-ACL-Warn: message may be spam
X-Scan-Signature: 7f2245552c28d1e693ee8fc7a1f06879
Cc: obnam-dev@obnam.org
Subject: Re: [rfc] Passphrase-based encryption
X-BeenThere: obnam-dev@obnam.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Obnam development discussions <obnam-dev-obnam.org>
List-Unsubscribe: <http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org>,
 <mailto:obnam-dev-request@obnam.org?subject=unsubscribe>
List-Archive: <http://listmaster.pepperfish.net/pipermail/obnam-dev-obnam.org>
List-Post: <mailto:obnam-dev@obnam.org>
List-Help: <mailto:obnam-dev-request@obnam.org?subject=help>
List-Subscribe: <http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org>,
 <mailto:obnam-dev-request@obnam.org?subject=subscribe>
Sender: obnam-dev-bounces@obnam.org
Errors-To: obnam-dev-bounces@obnam.org

On 03.07.2017 07:05, Lars Wirzenius wrote:
> If you want this, you should write a plugin that adds symmetric
> encryption in addition to the PGP-based one that Obnam currently
> provides. You should probably do it by only encrypting the symmetric
> encryption key that PGP encrypts. This would allow PGP and symmetric
> to be used on the same repo by different clients.

Not really worth it as long as I'm the only one using that plugin, I'd 
rather stay with my simple approach then.

> I am afraid, however, that I am unlikely to accept the plugin into
> Obnam proper, since I don't think it makes things better. It's true
> that it will probably be easier to set up, but at the cost of more
> difficult key management.

No problem, if it isn't a good match for the overall concept then so be it.

> Backing up small files such as PGP keys is so easy I don't agree with
> that part of your argument. It's a matter of a few kilobytes. You
> could put the key into a QR code and print it on paper.

My thought was rather encrypting it with a passphrase and storing it next 
to the actual backup. Doing this correctly turned out non-trivial, with 
both GPG's own passphrase encryption and OpenSSL's enc tool using 
suboptimal key derivation to say the least.

> Also, environment variables can be read by other processes, just like
> command line arguments can be. See /proc/*/environ. The environ files
> are only readable by the owner, but it's still not a way to pass
> secrets, in my opinion. Defense in depth, and all that.

There aren't too many ways to pass secrets and AFAIK none of them will 
protect against other processes running with the same privileges. For 
example, you could require the passphrase to be stored in a file 
readable only by the owner - but this protection will be equivalent to 
the way /proc/*/environ is protected (or GPG keys for that matter).

regards
Wladimir

_______________________________________________
obnam-dev mailing list
obnam-dev@obnam.org
http://listmaster.pepperfish.net/cgi-bin/mailman/listinfo/obnam-dev-obnam.org
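
An added example, not part of the original message and not Obnam code: a passphrase read from a file that is accepted only if it is a regular file owned by the current user with no group/other permission bits, then stretched with a memory-hard KDF. The choice of scrypt, its parameters, the function names and the sample passphrase are assumptions made for this illustration.

```python
import hashlib
import os
import stat
import tempfile

# Constructed parameters: about 16 MiB of memory per passphrase guess.
SCRYPT_PARAMS = dict(n=2**14, r=8, p=1, dklen=32)


def read_passphrase_file(path):
    """Return the passphrase in `path`, refusing files other users could read."""
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    try:
        st = os.fstat(fd)  # inspect the opened file, not the path, to avoid a race
        if not stat.S_ISREG(st.st_mode):
            raise PermissionError("not a regular file")
        if st.st_uid != os.getuid():
            raise PermissionError("owned by another user")
        if st.st_mode & 0o077:
            raise PermissionError("accessible by group or others")
        with os.fdopen(fd, "rb", closefd=False) as f:
            return f.read().rstrip(b"\r\n")
    finally:
        os.close(fd)


def derive_key(passphrase, salt):
    """Stretch the passphrase into a 32-byte key; the salt is stored with the data."""
    return hashlib.scrypt(passphrase, salt=salt, **SCRYPT_PARAMS)


def demo():
    """Create a constructed 0600 passphrase file, derive a key, then loosen the mode."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "passphrase")
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        os.write(fd, b"correct horse battery staple\n")  # constructed sample value
        os.close(fd)
        salt = os.urandom(16)
        key = derive_key(read_passphrase_file(path), salt)
        os.chmod(path, 0o644)  # now world-readable: must be refused
        try:
            read_passphrase_file(path)
            rejected = False
        except PermissionError:
            rejected = True
        return key, salt, rejected


if __name__ == "__main__":
    print("world-readable file rejected:", demo()[2])
```

The mode check gives the file the same owner-only exposure as `/proc/*/environ`; it does nothing against other processes running as the same user, which is the limit the message points out.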