summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLars Wirzenius <liw@liw.fi>2021-01-29 06:09:35 +0000
committerLars Wirzenius <liw@liw.fi>2021-01-29 06:09:35 +0000
commit03ba1e991a1159f05cfbc20a056763082a35c003 (patch)
tree5f443c97579e64a1ec9ec3e961c1cb6ecea5ac2d
parentfd99148074d6c82cde3e0426d0f8a1a644c68779 (diff)
parent5491e2f59e8b011fbf863a2f652a22f250a12285 (diff)
downloadobnam2-03ba1e991a1159f05cfbc20a056763082a35c003.tar.gz
Merge branch 'enc-ac' into 'main'
doc: add outline of encryption verification scenarios Closes #52 See merge request larswirzenius/obnam!76
-rw-r--r--obnam.md40
1 files changed, 40 insertions, 0 deletions
diff --git a/obnam.md b/obnam.md
index accfca2..e81989b 100644
--- a/obnam.md
+++ b/obnam.md
@@ -1039,11 +1039,51 @@ given a manifest of the directory live restored in rest in rest.yaml
then files second.yaml and rest.yaml match
~~~
+# Acceptance criteria for backup encryption
+This chapter outlines scenarios, to be implemented later, for
+verifying that Obnam properly encrypts the backups. These scenarios
+verify only encryption aspects of Obnam.
+
+## Backup without passphrase fails
+
+Verify that trying to backup without having set a passphrase fails
+with an error message that clearly identifies the lack of a
+passphrase.
+
+## A passphrase can be set
+
+Set a passphrase. Verify that it's stored in a file that is only
+readable by it owner. Verify that a backup can be made.
+
+## A passphrase stored insecurely is rejected
+
+Verify that a backup fails if the file where the passphrase is stored
+is readable by anyone but its owner. Verify that the error message
+explains that the backup failed due to the passphrase file insecurity.
+
+## The passphrase can be changed
+
+Verify that the passphrase can be changed and that backups made before
+the change can no longer be restored. (Later, this requirement will be
+re-evaluated, but this is simple and gets us started.)
+
+## The passphrase is not on server in cleartext
+
+Verify that after the passphrase has been set, and a backup has been
+made, the passphrase is not stored in cleartext on the server.
+
+## A backup is encrypted
+
+Verify that the backup repository does not contain the backed up data
+in cleartext.
<!-- -------------------------------------------------------------------- -->
+# Colophon
+
+This manual is edited in Markdown and typeset using [Subplot][].
---
title: "Obnam2&mdash;a backup system"