Joplin: Feature request: Provide my own master keys?
Operating system
- Windows
- macOS
- Linux
- Android
- iOS
Application
- Desktop
- Mobile
- Terminal
Kudos
First of all, awesome product! I tried working with the Simplenote team about a year ago to add E2EE to their protocol and apps (even provided a POC patch and had it working on Android), but they said they were not interested and didn't think it would integrate well with Simplenote's other goals. (I can't believe that security isn't designed into these products from day 1.) So, kudos to you for designing Joplin with security in mind!
Issue
However, the biggest security hole I see is the transmitting and storage of the encrypted master keys. (I admit I have not read the code to see how they are encrypted using the password -- which would be nice to point out in the docs -- but ...) Handling this in other ways seems to be more secure, no?
Recommended Solutions
Can we have a feature where we can paste in our own base64-encoded master keys (like from PGP)?
Or, better yet, how about integration with a tool that is already designed to handle this for us ... like Open Keychain (Android) / GnuPG, etc.?
Thanks!
ghost
All 2 comments
No plan for this at the moment, but a button to export/import a master key, and a checkbox to disable syncing of master keys could be an option. Doc is on the website.
laurent22
on 11 Apr 2018
I found the doc that describes sort-of how the encryption works, but it does not say how it encrypts the master keys with the password (algorithm, etc.), right?
This would be valuable to know without having to dig into the code, I think.
Thanks!
ghost
on 11 Apr 2018
Related issues
jacobgonzales20
路
3Comments
okoetter
路
3Comments
smhearty
路
3Comments
seagoj
路
3Comments
kopfuss
路
3Comments
Most helpful comment
I found the doc that describes sort-of how the encryption works, but it does not say how it encrypts the master keys with the password (algorithm, etc.), right?
This would be valuable to know without having to dig into the code, I think.
Thanks!