No mention of CalDAV or CardDAV at all then, so an alpha âfeatureâ
Ich möchte nicht mehr Kontaktiert werden
Will we see the .msi package for Windows Client?
Itâs very important to maintance the client with AD environments
Very great news
A colleague spoke to me about the concept of âprivacy by designâ.
It is very interesting that only user can access its data.
Thanks a lot
When do you think it will be included by default ?
the caldav & carddav disabling is a bug, that shouldnât happen. @bjoern should probably know about this?!?
I donât know but if we create that it would probably be only for paying customers. Seems like a feature only really relevant for companies with larger number of users. If you need it and are a customer, contact sales/your account manager and ask about this!
Really awesome!
But files are not the only thing to encrypt: The next step should be to add e2e encryption to contacts and calendar, too! This also very private dataâŠ
I agree with rugk: Contacs & calendar, etc. are essential informations that should be enycrypted.
What about encrypting the database used by NC where these informations are stored? Is there a way to encrypt the complete databas (mysql, sqlite,âŠ)?
Regards
Yes, Iâm aware of it. @mannp already created a bug report CardDAV and CalDAV stop working with E2EE enabled. · Issue #3 · nextcloud/end_to_end_encryption · GitHub and there is already a fix https://github.com/nextcloud/end_to_end_encryption/pull/4 waiting for review.
As soon as CardDAV/CalDAV supports it we can think about it. Encrypting it server side adds a lot of complexity, increases the risk for additional bugs and doesnât provide a significant security improvement.
Does the bug bounty program also apply to E2EE? Because of the importance and severity of this part of Nextcloud it should apply here as well. Maybe even more so than for everything else (which doesnât mean other parts arenât important too!), so upgrading the awards in this case money-wise wouldnât be a bad idea.
I think a special competition (âTry to crack our client side encryption if you can!â) would be a good idea for this purpose too. Tresorit did this some time ago for example.
It would apply once this is final and part of Nc 13, yeah. And - good idea. @LukasReschke just a thought
Not sure if this is the right place to ask but nevertheless:
This nice gif shows the nextcloud android app in which it is possible to encrypt data. Which version is it? I wanted to test this feature. Therefor I set up a new nextcloud 12.0.3 installation and manually copied the end-to-end encryption app to the app folder. I tried the latest android app from here on my android phone, but I canât see the possibility to encrypt a folder. Is the feature deactivated?
Thanks a lot for your answer!
Seems to be not merged yet:
You would have to build it yourself probably but a new release in the dev branch (last one is quite old now) with encryption support enabled would be great.
See the instructions in the blog. You have to join our beta program, THEN the alpha-testing-google-plus group and then you get a test build of the app
Would be awesome to have it in the Nextcloud Dev App on F-Droid as well. The last version there is quite old now, almost a month since the last release.
Regarding the statement "The design supports a Hardware Security Module for enterprise environments which enables securely issuing new keys to users " , I am not clear on which keys/certificates are stored in the HSM ?
Please donât hijack announcement topics for you individual problems. Closing topic.