[clue] Speaker for 2014-11-11 talk.
Quentin Hartman
qhartman at gmail.com
Mon Nov 10 18:05:10 MST 2014
Just to pile on from Aaron, many people refer to this as the distinction
between "security in transit" and "security at rest". They are useful
phrases for talking about this sort of thing. Ideally you really want to
have both, but whether or not it matters for your application is unknown.
QH
On Mon, Nov 10, 2014 at 5:53 PM, Aaron D. Johnson <adj at fnord.greeley.co.us>
wrote:
> David L. Anselmi writes:
> > I have a security question too. Should I encrypt a file I'm sending
> > over SFTP? (This is just to sanity check my opinion that the
> > security guys who say it's a requirement don't know what they're
> > talking about.)
>
> Layered security is good. :) SFTP will encrypt the file as it's
> moving across your (and other parties') networks. (Strictly speaking,
> SFTP the protocol doesn't encrypt it, but the SSH tranport it uses
> does.) Encrypting it before you send it (what are their requirements
> there?) means you have confidentiality (and possibly authenticity,
> too) at each endpoint.
>
> What threat model are your security guys defending against? What
> threats are you concerned about?
>
> - Aaron
> _______________________________________________
> clue mailing list: clue at cluedenver.org
> For information, account preferences, or to unsubscribe see:
> http://cluedenver.org/mailman/listinfo/clue
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cluedenver.org/pipermail/clue/attachments/20141110/1ab3f237/attachment.html
More information about the clue
mailing list