[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#834869: ITP: keysafe -- back up secret keys to cloud servers

Package: wnpp
Severity: wishlist
Owner: Sean Whitton <spwhitton@spwhitton.name>

* Package name    : keysafe
  Version         : 0.20160819
  Upstream Author : Joey Hess <joeyh@joeyh.name>
* URL             : https://joeyh.name/code/keysafe/
* License         : AGPL-3
  Programming Lang: Haskell
  Description     : back up secret keys to cloud servers

Upstream synopsis:

> Keysafe backs up a secret key to several cloud servers, split up so
> that no one server can access the whole secret by itself.

> A password is used to encrypt the data, and it is made expensive to
> decrypt, so password cracking is infeasibly expensive.

LWN write-up: https://lwn.net/Articles/696765/

The intended audience of keysafe is those using secret keys to encrypt
only their personal data, when storing it in the cloud.  Such a user
doesn't need to take the security precautions that a Debian Developer or
Debian Maintainer must take to protect their secret key.  However, they
still don't want to lose it and thus invalidate their backups.  Keybase
is designed to make it easy to backup secret keys in the cloud for this
kind of user.

Although this software is experimental, it has the potential to enable a
lot more Debian users to use public/private key cryptography to protect
the data that they store in the cloud.

I intend to package this and submit it for upload to experimental.  I
want to do this because I believe it will enable a lot more testing, and
useful feedback submitted to Joey.  In particular, it will enable
feedback from those who know a lot about cryptography but not much about
Haskell.  Further, we will want it in unstable eventually, and getting
the packaging in shape in advance makes that easy (Joey isn't the kind
of upstream to abandon the software while it's still alpha).

Sean Whitton

Attachment: signature.asc
Description: PGP signature

Reply to: