[aerogear-dev] Goals on Security
Summers Pittman
supittma at redhat.com
Mon Sep 16 11:37:45 EDT 2013
+1. I'll chat with Passos and get some goals and PR them
Sent from my Android phone using TouchDown (www.nitrodesk.com)
-----Original Message-----
From: Bruno Oliveira [bruno at abstractj.org]
Received: Monday, 16 Sep 2013, 11:34AM
To: AeroGear Developer Mailing List [aerogear-dev at lists.jboss.org]
Subject: Re: [aerogear-dev] Goals on Security
I'm changing the subject because I don't want to hijack that thread.
Summers Pittman wrote:
> I see the crypto bits for android. If we include file system/SQLite
> encryption then it dovetails nicely into 1.4 which is
> offline/prefetch/etc.
+1
> However, I don't see any use cases/goals/etc. IE I'm not sure what
> implementing crypto will look like. This may be my problem though
Currently I'm working to provide easy to use encryption for JS, iOS and
Android (https://github.com/abstractj/cryptoparty). This project aims to
provide: password encryption, symmetric/asymmetric encryption,
hashing...and all the things to mess up with your data. Once I have a
first draft, documentation + the usage and scenarios will be included to
some whatever AeroGear Crypto spec.
(The name of the project will change, or not)
I was just wondering about 2 possible showcase apps:
- Encrypted chat (it creates a dependency on the server side) -1 on it
- Password manager app (do not depend on the server until we start to
discuss data sync) +1
>
> I was wondering, will this be a good time to drag in more enterprise
> features like remote wipe, authz, and friends?
I think they are all good features. ATM I would say, let's stay focused
on offline encryption and be more server independent as possible. Also
feel free to send a PR to our security roadmap
(https://github.com/aerogear/aerogear.org/blob/master/docs/planning/roadmaps/AeroGearSecurity.asciidoc)
I can't guess how many kit kats we want :)
Makes sense?
--
abstractj
More information about the aerogear-dev
mailing list