Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Proposal] Inform user about master key generation on encryption enabling #40468

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

[Proposal] Inform user about master key generation on encryption enabling #40468

wants to merge 2 commits into from
+1 −0

Conversation

func0der
Copy link

@func0der func0der commented Sep 17, 2023
edited
Loading

Summary

The user/admin should be informed about the fact that the encryption is generating a master key for the whole instance.
This default behavior was introduced in Nextcloud 13 and was not properly communicated (as it seems). There was no trace to be found in the docs, nor was there anything in the interface warning the non-RTFM users about this.

This change to a less secure, but more user friendly setup, should be clearly communicated to the user since Nextcloud is used in more and more setups which require them to be compliant with very high privacy standards.
If the user is not pro-actively informed about this setup, they might violate those standards by accident.

TODO

  • Add language file entries for all languages (done when this change finds acceptance)

Checklist

@joshtrichards
Copy link
Member

Hi @func0der - Thanks for working on this and giving some thought to the user experience side! I also saw your directly related PR for the docs (nextcloud/documentation#11122).

There are a handful of outstanding/overlapping server-side encryption Issues/PRs in the docs section right now, some of which directly touch this matter (https://github.com/nextcloud/documentation/labels/feature%3A%20encryption%20%28server-side%29)

Here's what I suggest:

  • Let's see if we can use your recent PR in the docs repo to finally clean up the server-side encryption documentation a bit (in this particular area at least)
  • Once the docs are clear(er), let's see bring some of it's language into this PR and/or reference it

I'll also try to consolidate some of the duplicate Issues in the docs repo that cover this topic.

@joshtrichards joshtrichards added the pending documentation This pull request needs an associated documentation update label Oct 27, 2023
@func0der
Copy link
Author

Anything that clears this matter up is a welcome change :D

@solracsf solracsf added this to the Nextcloud 28 milestone Nov 21, 2023
@blizzz blizzz mentioned this pull request Nov 22, 2023
Merged
5 tasks
@blizzz blizzz modified the milestones: Nextcloud 28, Nextcloud 29 Nov 23, 2023
@skjnldsv skjnldsv added the 2. developing Work in progress label Feb 21, 2024
This was referenced Mar 12, 2024
Merged
Merged
Merged
This was referenced Mar 20, 2024
Merged
Merged
@skjnldsv skjnldsv mentioned this pull request Mar 28, 2024
Merged
81 tasks
@skjnldsv skjnldsv modified the milestones: Nextcloud 29, Nextcloud 30 Mar 28, 2024
This was referenced Jul 30, 2024
Merged
Merged
This was referenced Aug 5, 2024
Merged
Merged
@skjnldsv skjnldsv mentioned this pull request Aug 13, 2024
Merged
@skjnldsv skjnldsv removed this from the Nextcloud 30 milestone Aug 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
2. developing Work in progress feature: encryption (server-side) pending documentation This pull request needs an associated documentation update
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@func0der @joshtrichards @blizzz @solracsf @skjnldsv