On 1/30/2011 8:33 PM, Marc Dojka wrote:
> On Sun, Jan 30, 2011 at 8:22 PM, Dan Langille <dan@...
> <mailto:dan@...>> wrote:
> On 1/28/2011 6:24 PM, Marc Dojka wrote:
> Hi all,
> I think I already have the answer, but wanted to double check.
> It's not
> possible to have the private key for data encryption password
> correct. Thanks.
> What concern are you trying to resolve by having some kind of
> Dan Langille - http://langille.org/
It is much easier to follow conversation if you reply at the bottom.
> For the backups: The media is stored at an offsite location. When
> the media leaves my control, all data must be encrypted. This is
> for policy reasons, insurance reasons, and ensures confidentiality of
> customer information as well as HR records.
OK, so this is why you encrypt the backup.
> For the keys: So even if both the backups and the keys are
> compromised, they are unusable without the private key password.
I keep thinking, the private key (used only for decryption) does not
need to be on the FD... only the public key (the one used for encryption).
Can someone confirm?
Dan Langille - http://langille.org/