Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I am guessing he is expecting to share pics with users who did not sign up. It maybe a one time thing.

But I think you need user logged in because of encryption.



That’s right.

We could generate public URLs that contain the decryption key of the album within the URL fragment. But as an encrypted storage provider, we would like to ship this only after we're reasonably confident that there are checks in place to prevent abuse.


Yes, this is what I meant and the solution you describe is what I'd be looking for. So +1 from me!


ente looks interesting to me, but I would like to have the feature to share an album with anyone who has the link. I guess that is not so easy to do though as it would require creating a decrypted copy of the photos in the album that you wish to share which would take extra time and space.


The client that is sharing the album could append the decryption key of that album to the URL fragment, such that it never reaches the server.

For example: albums.ente.io/{albumID}/!#{decryptionKey}

Now on the receivers side, the client can use this `decryptionKey` to decrypt and render the photos.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: