[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Key revocation



Side note -- I think enterprise is a killer market for tarsnap.  For
multiple reasons -- cost efficiencies of deduplication, speed (in big
part because of dedupication), standard tar interface, ease of use and
automation (engineers are expensive), reliability, encryption model
possibly allowing regulated industries to use the cloud (which they
can't right now), encryption model handy for multiuser trust models,
etc. What you can do with tarsnap for a few bucks a month is pretty
crazy.

Anyway, I think key revocation would be very handy for our use.  Two
use cases.  One -- operations person leaves or gets fired.  At this
point I want to do something equivalent to changing his password,
which for tarsnap I'd imagine being implemented as key revocation.
Much like password change key revocation would be fast, cheap and not
a perfect solution, but it's better than the option of rearchiving
everything with a different master key.  Two -- laptop with a copy
master key is lost.  Chances of whoever finds it breaking local
security and accessing tarsnap in under an hour --small.  Ability for
us to clone the master key and revoke the original -- priceless.

Best regards,

Gleb