Timeline for Options for client-side encryption of local web databases
Current License: CC BY-SA 3.0
5 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Mar 19, 2014 at 16:15 | comment | added | kedoska | @AdamMarshall hope this can help to understand my point of view. | |
| Mar 19, 2014 at 16:14 | history | edited | kedoska | CC BY-SA 3.0 |
more details about the diagram
|
| Mar 19, 2014 at 9:11 | comment | added | Adam Marshall | Also, Q3: The workflow includes Two Factor Auth, what benefits would be gained from this over just Basic Auth? The application will be used mainly on private, secure networks (on-site) or over a VPN, and where there are connections over a public network these shall require HTTPS. | |
| Mar 19, 2014 at 8:46 | comment | added | Adam Marshall | Thanks for this. I would appreciate it you could elaborate in your answer a bit more, particularly in terms of the following 2 questions. The workflow includes "Save To Local". Q1: doesn't that contradict "Caching sensitive data: Don't"? If not then what is your suggestion for the "Save To Local" implementation? Q2: The data would also need to be decrypted locally, not just when syncing with the API, is that acceptable? In other words saved and loaded locally, not just created and saved locally then never 'read' out again. | |
| Mar 18, 2014 at 17:51 | history | answered | kedoska | CC BY-SA 3.0 |