Add encryption to the saved dumps #89
Labels
area: storage
level: advanced
status: stale
Has received no activity in a while
type: enhancement
Changes or improvements to existing features
Comments
lemonsaurus
added
area: storage
level: advanced
status: stale
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Abstract
Due to GDPR and security issues, support should be added for password and/or PGP encryption. This can be done through the
pgpylibrary.Rationale
While databases are usually encrypted, dumps aren’t, leaving the data at risk. To prevent that, it can be encrypted using a password.
This contains it owns flaws as the password will have to be stored somewhere in cleartext. Asymmetric encryption using PGP can be used by storing a public key in the configuration file and have the developer at home owning the private decryption key.
Specifications
Another configuration can be added at the root level or for each individual storage provider to select the encryption method to use and the password or ascii armored public key.
Data can be encrypted before uploading and the file (that will be made temporary by #88) will have to be securely erased.
Symmetric encryption can be also done through GPG to have a simple way to decrypt the file.
The text was updated successfully, but these errors were encountered: