<div dir="ltr"><div class="gmail_extra"><div>On Mon, Nov 10, 2014 at 6:59 PM, Aaron D. Johnson <span dir="ltr"><<a href="mailto:adj@fnord.greeley.co.us" target="_blank">adj@fnord.greeley.co.us</a>></span> wrote:<br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">Andrew Diederich writes:<br>
> Encrypting the file before you send it doesn't help protecting the<br>
> transit of the file. (I vaguely remember, from years ago, that<br>
> combining certain layered encryption made the contents easier to<br>
> figure out.) If you need the file encrypted from where it starts,<br>
> or need it encrypted where it ends up, then encrypting it makes<br>
> sense. But otherwise it doesn't.<br>
<br>
</span>Encrypting and signing it before sending it assures the receiver that<br>
its contents were not disclosed in transit and that the contents of<br>
the file were not modified while moving across a network controlled by<br>
other, possibly hostile, parties.<br>
<br>
Whether that is part of the David's security team's requirements, I<br>
cannot say.<br>
<br>
Does that make sense? I may not be explaining very well.</blockquote><div><br></div><div>Yes, that makes sense. It ties in to the foot-stomp that, to get the right implementation, you need to know what the security requirements really are. :) I pulled out my Security+ book just now to get the words right. It talks about confidentiality, integrity, and availability. The last is just disaster recovery and redundancy. In-transit confidentiality is covered by sftp working over the ssh protocol, assuming the sending and receiving servers aren't cracked. For the at-rest part, encrypting the file makes that better. For integrity (i.e. making sure the file hasn't been modified) a signature works, and we've all seen tarballs with md5 or SHA hashes for the same purpose. </div><div><br></div><div>And if anyone has a security team that quickly and clearly identifies the security requirements for the system, understands your product and the cost/benefit of the various implementation choices, and can prioritize the work, just keep giving them money until they have no thought of leaving. They're worth it.</div><div><br></div><div>-- </div><div>Andrew Diederich</div></div></div></div>