• Status: Design/Prototyping
• Updated: 2008-01-24

1. Home
2. Tick List

Roswell Secure Content Repository

The Motto - Secrecy and Open Source

One may wonder how you can have an open source system designed to store secrets. The answer is simple and the projects motto gives you the clue: Secrecy is no substitute for security. Secrecy in the construction of security systems invariably leads to complacency. Somehow, along the way, system passwords become hard-coded in source, weak encryption becomes the norm, key management disappears, and token generation relies on schemes so simple a five year old child could spoof it.

What I'm hoping to do with Open Source is to expose the mechanism for all to see and comment on. That way, I can catch errors and bad design early, and remove any holes so that when properly installed and locked down knowledge any knowledge of the systems internal structure will become irrelevant to its security.