Changes between Version 2 and Version 3 of CryptoPlugin

Timestamp:

Nov 9, 2014, 10:11:01 PM (9 years ago)

Author:

Steffen Hoffmann

Comment:

add privacy comparison table

CryptoPlugin

@@ -5 +5 @@
 == Description ==
 
-CryptoPlugin supports cryptographically backed functions in Trac.
+CryptoPlugin supports cryptographically backed functions in Trac. Privacy offered based on these functions is much different compared to other privacy-related plugins.
+
+Privacy offered by a Trac system depending on setup and user action.
+                                                
+We assume, that users always have the freedom to store data without protection, or take action to eigther sign-only or encrypt/encrypt-sign it.
+
+Trac plugins other than CryptoPlugin attempt to protect only some of Trac's content: SensitiveTicketsPlugin (tickets-only), PrivateWikiPlugin (wiki-only)
+
+However they do not differenciate in terms of protection strength, so we're rated regardless of protected Trac content type here.
+
+|| ||Trac, no plugins||||other plugins installed||||||||!CryptoPlugin installed||
+||modules state||enabled||disabled||enabled||disabled||disabled||enabled||enabled||
+||client setting||n. a.||n. a.||n. a.||Trusted server||Trusted client||Trusted server||Trusted client||
+||||||||||||||||||
+||regular content||n. a.||n. a.||n. a.||n. a.||n. a.||n. a.||n. a.||
+{{{#!tr
+  {{{#!td
+signed content
+  }}}
+  {{{#!td
+n. a.
+  }}}
+  {{{#!td
+n. a.
+  }}}
+  {{{#!td
+n. a.
+  }}}
+  {{{#!td
+    {{{#!div style="background-color:orange"
+weak
+    }}}
+  }}}
+  {{{#!td
+    {{{#!div style="background-color:orange"
+weak
+    }}}
+  }}}
+  {{{#!td
+    {{{#!div style="background-color:orange"
+weak
+    }}}
+  }}}
+  {{{#!td
+    {{{#!div style="background-color:orange"
+weak
+    }}}
+  }}}
+}}}
+{{{#!tr
+  {{{#!td
+secured content
+  }}}
+  {{{#!td
+n. a.
+  }}}
+  {{{#!td
+    {{{#!div style="background-color:red"
+none
+    }}}
+  }}}
+  {{{#!td
+    {{{#!div style="background-color:lightblue"
+strong
+    }}}
+  }}}
+  {{{#!td
+    {{{#!div style="background-color:lightblue"
+strong
+    }}}
+  }}}
+  {{{#!td
+    {{{#!div style="background-color:yellow"
+very strong
+    }}}
+  }}}
+  {{{#!td
+    {{{#!div style="background-color:lightblue"
+strong
+    }}}
+  }}}
+  {{{#!td
+    {{{#!div style="background-color:yellow"
+very strong
+    }}}
+  }}}
+}}}
+                                                
+ Privacy strength rating legend:
+{{{#!div style="background-color:none"
+ n.'' ''a.::
+}}}
+ not applicable
+{{{#!div style="background-color:red"
+ none::
+}}}
+ no protection, not counting read-only wiki pages for (very weak) privacy
+{{{#!div style="background-color:orange"
+ weak::
+}}}
+ prevents unrecognized content change without read-protection
+{{{#!div style="background-color:lightblue"
+ strong::
+}}}
+ depending on server security of Trac system software (plugins included) and storage for Trac content and private user keys
+{{{#!div style="background-color:yellow"
+ very strong::
+}}}
+ depending on client security for private user key storage
+{{{#!div style="background-color:lightgreen"
+ ultimate::
+}}}
+ independent of client and server security for private user key storage
+                                                        
+Ultimate privacy doesn't assume any trust outside of Trac system software (plugins included). This kind of inherit Trac content protection is neither available nor planned yet.
 
 This is [wiki:CryptoPlugin/Dev WiP] and in a very early stage.  Nevertheless testers are very welcome.