Hi Denis,

who will be the owner of the private key, and why does Syncope need to know that the value inside a field is encrypted?

If Syncope does not have a key to decrypt the value, then Syncope does not even need to know that this field is encrypted; it is simply a BASE64 encoded String (for example).

So from my point of view the only use case that actually would make sense for such a schema attribute is if Syncope knows the private key (properly generated that key) and the goal is to store encrypted values in a remote system. But why store information in a remote system if that system should not be able to read this information?

So at this point I can't see a real use case that would actually benefit from such an attribute. Can you provide an example, please?

Best regards
Jan

> -----Original Message-----
> From: Denis Signoretto [mailto:[email protected]]
> Sent: Wednesday, 9 January 2013 13:02
> To: [email protected]
> Subject: Support for encripted schema attributes
>
> Hi Syncopers,
>
> At the moment, for our purpose, it's not an actual requirement.
>
> I'm wondering if in the roadmap could be added a schema attribute which
> Syncope stores encrypted so that not even the administrator can view the real
> value.
>
> WDYT?
>
> Regards,
> Denis.
>
> Denis Signoretto | Senior Project Manager
> Intesys
