You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@subversion.apache.org by Matthew England <me...@mengland.net> on 2004/10/28 00:14:42 UTC
Auto-encrypt file submissions with public key?
As per: http://svnforum.org/forum/viewtopic.php?t=120 ...
Hello,
I want to be able to provide subversion repositories over the web to a
secure community (possibly of only a couple people to start with). SSL
login/access authentication will be nice for starters. However, I'd like to
go beyond access control; I'd like to automatically encrypt the file contents.
I would like to have Subversion auto-encrypt any file submissions/updates
to it's repository (with something like a PGP public key), thus requiring
anyone who gets/reads said file to have some sort of private decryption
mechanism (like a PGP private key associated with the aforementioned public
key) in order to view/use/read/access any of the contents of said file.
Does anyone know of some existing mechanisms to do this? I suspect I will
have to build some things myself, but I'm hoping to minimize my efforts.
The option is that the subversion users simply encrypt the file(s) prior to
submission, but I'm worried that it will be too easy to forget to do this.
I'd like to automate this step at the server side. If I can also automate
the decrypting on the client side, that would be quite convenient, too (but
a lesser priority they then the server-side encrypting).
-Matt
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Auto-encrypt file submissions with public key?
Posted by Matthew England <me...@mengland.net>.
Per encrypted file systems:
At 10/29/2004 03:59 PM, Matthew England wrote:
>Any other pointers or suggestions? Suggested communities?
A community and a thread (with more references in itself) I found:
http://www.linuxquestions.org/questions/showthread.php?threadid=191356
http://www.linuxquestions.org/questions/forumdisplay.php?s=&forumid=4
I've found a few other article references, but not that seem quite as good
as these.
Per SVN-specific authentication: I did get a generous offer of help from
another user with seemingly similar goals who described their
implementation to me, and it sounds quite useful.
Thanks for all feedback!
-Matt
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Auto-encrypt file submissions with public key?
Posted by Matthew England <me...@mengland.net>.
At 10/29/2004 07:59 AM, Max Bowsher wrote:
>Perhaps SSL client certificates would suit your purposes? IIUC, they would
>perform more-or-less what you are trying to achieve, without you having to
>write code yourself.
Yes, this might be a good option. I had not known/thought about SSL
*client* certificates. It's something I'll want to look into. A brief bit
of googling did not produce much beyong SSL client certs for things like
Lotus Notes. Got any open-source/free-of-charge type references you can
suggest?
>>In any case, this approach apparently is neither easy nor generally
>>practiced in the config-management/subversion community...which is mostly
>>what I wanted to know, and I now I know, or at least have some sort of
>>initial "temperature" reading on this stuff.
>
>Subversion generally delegates complicated authn/authz to Apache, because
>it is a large flexible pre-existing base of code in this area.
>
>Would an encrypting filesystem combined with SSL client certs provide
>something near enough to your goal?
I think so, and I very much appreciate your suggesting this alternative. I
am checking into this alternative for my linux-based system(s).
>Because that is a solution that could be assembled from "off-the-shelf"
>components, using unmodified Subversion code.
Yes, that does seem like the way to go after seen your comments, thought
about this, and done a little more web research (a classic case of
presuming a solution to my problem only to find other, alternative, better
ways to skin the cat).
So far, this seems to be the most-promising link:
http://www.linux.com/howtos/Cryptoloop-HOWTO/index.shtml
Any other pointers or suggestions? Suggested communities?
I may hang around usenet = sci.crypt if I get serious. I'd be interested
in any web-forum communities anybody might know, too (as in
phpBB/vBulletin-look-alike web forums).
Finally: Any other ways to potentially solve my problem of securing
confidential data while still distributing it easily over the web?
-Matt
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Auto-encrypt file submissions with public key?
Posted by Max Bowsher <ma...@ukf.net>.
Matthew England wrote:
> At 10/29/2004 03:27 AM, Max Bowsher wrote:
>> Matthew England wrote:
>>> As per: http://svnforum.org/forum/viewtopic.php?t=120 ...
>>>
>>> I would like to have Subversion auto-encrypt any file
>>> submissions/updates
>>> to it's repository (with something like a PGP public key), thus
>>> requiring
>>> anyone who gets/reads said file to have some sort of private decryption
>>> mechanism
>>
>> What you propose above would require source code changes (probably quite
>> major) to subversion, and doesn't actually obtain any extra security at
>> all, except in the single circumstance of the server's hard disc being
>> stolen.
>
> ...and in cases where someone cracks the SSL (unlikely) or simply acquires
> the access login/password, assuming I'm understanding things
> correctly. (Essentially: I see a different between having access to data
> being able to decrypt data.) I could probably dream up other scenarios.
>
> I would hope private keys can be distributed physically and are much
> harder
> to "steal" because they are contained in an encoded file...and one could
> theoretically make a different private key for each access (SSL) login
> (possibly).
In that case, the encryption would have to happen on retrieval *from* the
repository, not on addition *to* the repository.
Perhaps SSL client certificates would suit your purposes? IIUC, they would
perform more-or-less what you are trying to achieve, without you having to
write code yourself.
> In any case, this approach apparently is neither easy nor generally
> practiced in the config-management/subversion community...which is mostly
> what I wanted to know, and I now I know, or at least have some sort of
> initial "temperature" reading on this stuff.
Subversion generally delegates complicated authn/authz to Apache, because it
is a large flexible pre-existing base of code in this area.
Would an encrypting filesystem combined with SSL client certs provide
something near enough to your goal? Because that is a solution that could be
assembled from "off-the-shelf" components, using unmodified Subversion code.
Max.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Auto-encrypt file submissions with public key?
Posted by Matthew England <me...@mengland.net>.
At 10/29/2004 03:27 AM, Max Bowsher wrote:
>Matthew England wrote:
>>As per: http://svnforum.org/forum/viewtopic.php?t=120 ...
>>
>>I would like to have Subversion auto-encrypt any file submissions/updates
>>to it's repository (with something like a PGP public key), thus requiring
>>anyone who gets/reads said file to have some sort of private decryption
>>mechanism
>
>What you propose above would require source code changes (probably quite
>major) to subversion, and doesn't actually obtain any extra security at
>all, except in the single circumstance of the server's hard disc being stolen.
...and in cases where someone cracks the SSL (unlikely) or simply acquires
the access login/password, assuming I'm understanding things
correctly. (Essentially: I see a different between having access to data
being able to decrypt data.) I could probably dream up other scenarios.
I would hope private keys can be distributed physically and are much harder
to "steal" because they are contained in an encoded file...and one could
theoretically make a different private key for each access (SSL) login
(possibly).
In any case, this approach apparently is neither easy nor generally
practiced in the config-management/subversion community...which is mostly
what I wanted to know, and I now I know, or at least have some sort of
initial "temperature" reading on this stuff.
Thanks!
-Matt
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Re: Auto-encrypt file submissions with public key?
Posted by Max Bowsher <ma...@ukf.net>.
Matthew England wrote:
> As per: http://svnforum.org/forum/viewtopic.php?t=120 ...
>
> Hello,
>
> I want to be able to provide subversion repositories over the web to a
> secure community (possibly of only a couple people to start with). SSL
> login/access authentication will be nice for starters. However, I'd like
> to
> go beyond access control; I'd like to automatically encrypt the file
> contents.
>
> I would like to have Subversion auto-encrypt any file submissions/updates
> to it's repository (with something like a PGP public key), thus requiring
> anyone who gets/reads said file to have some sort of private decryption
> mechanism (like a PGP private key associated with the aforementioned
> public
> key) in order to view/use/read/access any of the contents of said file.
>
> Does anyone know of some existing mechanisms to do this? I suspect I will
> have to build some things myself, but I'm hoping to minimize my efforts.
What you propose above would require source code changes (probably quite
major) to subversion, and doesn't actually obtain any extra security at all,
except in the single circumstance of the server's hard disc being stolen.
Max.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org