Use the api to fetch the admin public key for users to send the decryption key securely #1244

Tbaut · 2021-07-07T10:07:00Z

To report a file that may not comply with our privacy policies, users can send to an admin the path to the file that is concerned, along with the decryption key. For the first iteration of this feature, users need to send this info per email, and because this means of transport is insecure, the file decryption key should be first encrypted with an admin public key.

This admin public key is currently hardcoded in the UI, and it should rather be fetched from the api so that it can be rotated without any UI change.

Tbaut added Epic: Sharing v1 (current users) Planning: Needs estimation and removed Planning: Needs estimation labels Jul 7, 2021

Tbaut added the Product: Files label Jul 15, 2021

Tbaut added Epic: Sharing with link Added to issues due for Sharing v1, allowing to share with any email from Google/Github. and removed Epic: Sharing v1 (current users) labels Aug 3, 2021

Tbaut self-assigned this Sep 1, 2021

Tbaut removed the Epic: Sharing with link Added to issues due for Sharing v1, allowing to share with any email from Google/Github. label Sep 1, 2021

Tbaut mentioned this issue Sep 2, 2021

[Files] - Get admin public key from the api #1485

Merged

Tbaut closed this as completed in #1485 Sep 17, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Use the api to fetch the admin public key for users to send the decryption key securely #1244

Use the api to fetch the admin public key for users to send the decryption key securely #1244

Tbaut commented Jul 7, 2021

Use the api to fetch the admin public key for users to send the decryption key securely #1244

Use the api to fetch the admin public key for users to send the decryption key securely #1244

Comments

Tbaut commented Jul 7, 2021