Re: file encription/decriptoin iOS
Re: file encription/decriptoin iOS
- Subject: Re: file encription/decriptoin iOS
- From: Jens Alfke <email@hidden>
- Date: Wed, 28 Jun 2017 21:27:49 -0700
> On Jun 28, 2017, at 8:04 PM, Dave Fernandes <email@hidden>
> wrote:
>
> So everything is protected by the iCloud Drive service key, but what does
> “which is then stored with the user’s iCloud account” mean? Is it stored on
> the device or in iCloud? That makes all the difference.
I agree it’s vague. The way I read it is that the service key is stored with
other account data in iCloud, but the account data is itself encrypted via the
user’s passphrase (which is not known to Apple.)
If the service key were stored locally, that would beg the question of how it
gets from one device to another. You have to be able to access everything from
a new device by logging into iCloud, so any secrets have to be stored online.
But by encrypting them using the passphrase, Apple prevents anyone else
(including themselves) from reading them.
—Jens
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden