Privacy and passwords
Andrew Sackville-West
andrew at swclan.homelinux.org
Thu Mar 6 10:15:45 EST 2008
On Thu, Mar 06, 2008 at 08:55:34AM -0500, Josh Sled wrote:
> David Lee Lambert <lamber45 at msu.edu> writes:
> > That said, it should be easy to implement for the XML file. Right now, the
> > GNUcash file is compressed XML with a "gnc-v2" root element. Someone could
> > define a new "gnc-v2-encrypted" element with "algorithm" and "salt"
>
> This is more complex than just encrypting the whole file, as `gpg -c
> $datafile` would do. If someone wanted to implement encryption, a symmetric
> approach using a "libgnupg" or something would probably be reasonable; it
> could prompt for the passphrase on file open/save.
and cache the passphrase, or else prompt at every auto-save... and
what about log files? one may want to encrypt custom reports and other
bits of .gnucash or else you'll be providing strings that are
guaranteed to be in the data file, which IIUC help in decryption
efforts.
A
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.gnucash.org/pipermail/gnucash-user/attachments/20080306/80c8a2e7/attachment.bin
More information about the gnucash-user
mailing list