[Proposal] Inform user about master key generation on encryption enabling #40468
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: func0der <529819+func0der@users.noreply.github.com>
|
Hi @func0der - Thanks for working on this and giving some thought to the user experience side! I also saw your directly related PR for the docs (nextcloud/documentation#11122). There are a handful of outstanding/overlapping server-side encryption Issues/PRs in the docs section right now, some of which directly touch this matter (https://github.com/nextcloud/documentation/labels/feature%3A%20encryption%20%28server-side%29) Here's what I suggest:
I'll also try to consolidate some of the duplicate Issues in the docs repo that cover this topic. |
joshtrichards
added
the
pending documentation
|
Anything that clears this matter up is a welcome change :D |
This was referenced Mar 12, 2024
Merged
Merged
Merged
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
The user/admin should be informed about the fact that the encryption is generating a master key for the whole instance.
This default behavior was introduced in Nextcloud 13 and was not properly communicated (as it seems). There was no trace to be found in the docs, nor was there anything in the interface warning the non-RTFM users about this.
This change to a less secure, but more user friendly setup, should be clearly communicated to the user since Nextcloud is used in more and more setups which require them to be compliant with very high privacy standards.
If the user is not pro-actively informed about this setup, they might violate those standards by accident.
TODO
Checklist
Code is properly formatted
Sign-off message is added to all commits
Tests (unit, integration, api and/or acceptance) are included
Screenshots before/after for front-end changes
Documentation (manuals or wiki) has been updated or is not required -> Clarify the use of a master key during setup of encryption documentation#11122
Backports requested where applicable (ex: critical bugfixes)