vzool
commented
1 year ago I already made the PR, so this may further the discussion about it. 🤗
Open vzool opened 1 year ago
vzool
commented
1 year ago I already made the PR, so this may further the discussion about it. 🤗
NOXITB
commented
11 months ago I already made the PR, so this may further the discussion about it. 🤗
Hello We Would Like to inform you that we will not be adding this to the repository as it breaks zero trust as well as people who are not aware of how it works make create a security risk if you would like to add 2 seperate scripts we would be happy to take a look into this
This would defeat the zero-trust architecture. Server and Website needs to be separate in order to achieve truly zero-trust architecture. Passky Server and Server Administrator should never know the data that user manage with Passky Website.
For example lets say that you are using Official Passky Client and connect to a random suspicious Passky Server. The Administrator of suspicious Passky Server will only be able to get encrypted data (Because of Zero-trust architecture) and your data will still be safe unless he manages to get your master password (Probably thru phishing attack).
For me, correct implemented Zero-trust architecture is a lot more important than having All-In-One option.