Regarding the encryption strategies

[Saksham Saxena]

https://privlyalpha.org/apps/Message/show?privlyApp=Message&privlyInject1=true&random_token=aa71236760&privlyDataURL=https%3A%2F%2Fprivlyalpha.org%2Fposts%2F4693.json%3Frandom_token%3Daa71236760#privlyLinkKey=%2BDJgzxTA4M7Vxc6k27GHuSflNIJNX2hlf0ezkpjH1%2FQ%3D 

[Sean McGregor]

The key is an aes256 private key, yes. This should never be shared with the content server. This is a design choice of the "Message" privly application, but is a good layer of encryption for any app with remotely stored content because it will ensure the content can't be decrypted without access and discovery of the link.

The auth token authenticates the link, without the token the request will return forbidden. This prevents crawling the content server. This is a convention of a particular content server and will not necessarily be part of every link.

-Sean

https://privlyalpha.org/apps/Message/show?privlyApp=Message&privlyInject1=true&random_token=aa71236760&privlyDataURL=https%3A%2F%2Fprivlyalpha.org%2Fposts%2F4693.json%3Frandom_token%3Daa71236760#privlyLinkKey=%2BDJgzxTA4M7Vxc6k27GHuSflNIJNX2hlf0ezkpjH1%2FQ%3D 

--
You received this message because you are subscribed to the Privly development mailing list. To post to this list, send email to pri...@googlegroups.com. To unsubscribe from this group, send email to privly+un...@googlegroups.com. For more options, visit this group at https://groups.google.com/d/forum/privly?hl=en
 
Privly testers should also sign up for this list: https://groups.google.com/forum/#!forum/privly-test
---
You received this message because you are subscribed to the Google Groups "privly" group.
To unsubscribe from this group and stop receiving emails from it, send an email to privly+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Saksham Saxena]

I see it now, thanks. I had an idea to improve the UX, but I'd rather research a little before pitching it. 

Thanks.