Lomilar
commented
3 years ago Largely accomplished through eduworks/ec branch 'rekey'.
- If the server is compromised, one must presume the entire history of every object is compromised, and rekeying that is a bridge too far. Updating historic data is a no-no, so we're updating our threat model based on that.
- If the server recognizes and adheres to key forwarding records only when validating security checks, it can protect any old data or historic data from being disclosed. This means that one key forwarding record effectively performs an entire forward -- no need to touch records, especially given 1). This has been implemented in a branch on ec.
- The client can also download and adhere to these key forwarding records, which can (and has been) implemented as part of RemoteLinkedData.upgrade()
- EcRepository.init(url,success,failure) has been created to download the key forwarding records and determine the server time offset (to ensure signature sheets operate correctly).
- Keys stored on a system or in a record should be seen as a keychain, as old keys are still useful for decrypting historic records. Key forwarding doesn't re-encrypt.
- We have written unit tests in EC that prove this operates. There is one significant change, which is to use EcRepository.init(selectedServer,success,failure) when instantiating a repository. The rest is taken care of(tm) during upgrade() -- which happens upon reading of a record from the server.
Unsolved: Organizations are identified through their primary key, when rekeying an organization (group, etc), how do we support forwarding of the key from the organizational identification perspective as well as the owned/readable objects.