[Popcon-developers] encrypted popcon submissions

[weasel@debian.org (Peter Palfrader)]

On Fri, 10 May 2013, Bill Allombert wrote:

> I am considering activating encryption of popularity-contest submissions
> using public key cryptography to protect popcon submission while in transit.

Do you think the benefits outweight the drawback that the admin no
longer can be certain we don't send anything we shouldn't?

> - The popcon.debian.org server will know the matching private key and use it to
> decrypt report before storing them.

> The drawback is the computing cost on the server. Currently we are processing
> about 25000 report each days, which would require about 2 hours of 'real' 
> CPU time to decrypt, which is too much for popov.debian.org. On the other hand
> this is easily parallelisable. 

Why do you think this is too much for popov to handle?  And if it really
is, adding vCPUs is easy.

Why is transport encryption (ala https) not sufficient?

Cheers,
weasel
-- 
                           |  .''`.       ** Debian **
      Peter Palfrader      | : :' :      The  universal
 http://www.palfrader.org/ | `. `'      Operating System
                           |   `-    http://www.debian.org/