Housekeeping server zero knowledge

Open deajan opened this issue 2 years ago • 1 comments

This would be a killer feature for backends. In the meantime, we might create a proxy service that receives housekeep commands Investigate how to protect from cryptos... Does housekeep server have a "bare minimum to keep" policy ?

Mar 30 '23 23:03 deajan

So zero knowledge is hard to achieve since we got restic symmetric encryption. Best we can do is using a separate "orchestrator client", that will exist in v3.0. Once this exists, we might reconsider proxying commands to the orchestrator client, so the client has real zero knowledge.

Btw, running a proxy server having "all" secrets would allow client to have real zero knowledge.

Jan 17 '24 13:01 deajan