WebDav, https and Encrypted file system

Posted by Jiriki on September 20, 2006, 10:01 am
Hello,

I have a question about WebDav and EFS. I understand that when using
WebDav, encrypted files are sent as raw files to the server sharing the
Web folder. This works as far as you use http to connect to the web
folder. Whenever you use https, the server will store the file
unencrypted.

Is this a bug or does this happen by design?

I appreciate your help,
Jiriki


Posted by S. Pidgorny on September 24, 2006, 9:04 am
Please elaborate? EFS is for storage, WebDAV is for sharing - the two won't
affect each other.

--
Svyatoslav Pidgorny, MS MVP - Security, MCSE
-= F1 is the key =-

> Hello,
>
> I have a question about WebDav and EFS. I understand that when using
> WebDav, encrypted files are sent as raw files to the server sharing the
> Web folder. This works as far as you use http to connect to the web
> folder. Whenever you use https, the server will store the file
> unencrypted.
>
> Is this a bug or does this happen by design?
>
> I appreciate your help,
> Jiriki
>



Posted by Paul Adare on September 24, 2006, 11:18 am
microsoft.public.windows.server.security news group, S.

> Please elaborate? EFS is for storage, WebDAV is for sharing - the two won't
> affect each other.
>

When using SMB/CIFS an EFS encrypted file is decrypted
before it is sent over the wire and then re-encrypted when
it hits the remote server. When using WebDAV the raw EFS
file is sent in its encrypted state.

--
Paul Adare - MVP Virtual Machines
"It all began with Adam. He was the first man to tell a
joke--or a lie. How lucky Adam was. He knew when he said a
good thing, nobody had said it before. Adam was not alone
in the Garden of Eden, however, and does not deserve all
the credit; much is due to Eve, the first woman, and Satan,
the first consultant." - Mark Twain

Posted by Karl Levinson, mvp on September 24, 2006, 9:25 am

> Hello,
>
> I have a question about WebDav and EFS. I understand that when using
> WebDav, encrypted files are sent as raw files to the server sharing the
> Web folder. This works as far as you use http to connect to the web
> folder. Whenever you use https, the server will store the file
> unencrypted.

EFS encryption is applied per folder. If you encrypt the folder the server
uses to store the file, it won't matter whether HTTP or HTTPS is used for
the transfer.

EFS encryption does not encrypt files during network transfer. It is
encryption for files on disk only.

--
kind regards,
Karl Levinson, MS MVP
Security FAQ site:
http://securityadmin.info/faq.asp




Posted by Paul Adare on September 24, 2006, 11:17 am
microsoft.public.windows.server.security news group, Karl

>
> > Hello,
> >
> > I have a question about WebDav and EFS. I understand that when using
> > WebDav, encrypted files are sent as raw files to the server sharing the
> > Web folder. This works as far as you use http to connect to the web
> > folder. Whenever you use https, the server will store the file
> > unencrypted.
>
> EFS encryption is applied per folder.

No, EFS can be applied at the file or folder level.

> If you encrypt the folder the server
> uses to store the file, it won't matter whether HTTP or HTTPS is used for
> the transfer.
>
> EFS encryption does not encrypt files during network transfer. It is
> encryption for files on disk only.

Perhaps you should read up on how EFS works when it is used
on a remote file server. When using SMB/CIFS the EFS file
is decrypted when it is sent over the wire and then is re-
encrypted on the remote server. When using WebDAV the EFS
file is sent over the wire in its raw, encrypted state.

Having explained that, whether or not the WebDAV share is
accessed via HTTP or HTTPS should have no impact on EFS.

--
Paul Adare - MVP Virtual Machines
"It all began with Adam. He was the first man to tell a
joke--or a lie. How lucky Adam was. He knew when he said a
good thing, nobody had said it before. Adam was not alone
in the Garden of Eden, however, and does not deserve all
the credit; much is due to Eve, the first woman, and Satan,
the first consultant." - Mark Twain
