Secure encrypted sharing (awaiting Rclone's crypt improvements)
planned
Tom Raganowicz
Currently, when a user shares E2E encrypted files, we're appending the master key to the end of the URL using https://s3.endpoint.com#masterKeyHere
It's not giving access to other files, but it's not ideal for a user to reveal their master key. It's leaking some security context which in principle could be used as additional info in more targeted attacks.
Instead, we should generate a specific share key applicable only to shared resources.
Rclone discussion: https://github.com/rclone/rclone/issues/7192
Tom Raganowicz
This is now dependent on cipher improvements that need to be coordinated with the Rclone maintainer.
https://github.com/rclone/rclone/issues/7192
Tom Raganowicz
planned
Tom Raganowicz
in progress
Tom Raganowicz
planned