<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: End-to-end encryption API in Discuss Dropbox Developer &amp; API</title>
    <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767709#M4021</link>
    <description>&lt;P&gt;Are you serious? 🧐 What means "API support" in this topic context? API can compromise end-to-end encryption; API cannot support it!&lt;/P&gt;&lt;P&gt;Such type of encryption can be supported only with library code that developers can choose from (on their own opinion - something any developer can do at any time). If you want, you may share such a code in your SDKs, where developers can select, but wouldn't advised anybody (developer or end user) to rely on API or other support directly provided by Dropbox (or any other service probider). This is illogical - like a rabbit to ask for protection some fox, for instance. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@D88F213CAFB196B6AB70612B08AD9D31/emoticons/1f601.png" alt=":beaming_face_with_smiling_eyes:" title=":beaming_face_with_smiling_eyes:" /&gt; Such type of protection is against service providers! &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt; Its use for something else is meaningless!!!&lt;/P&gt;</description>
    <pubDate>Thu, 02 May 2024 12:21:35 GMT</pubDate>
    <dc:creator>Здравко</dc:creator>
    <dc:date>2024-05-02T12:21:35Z</dc:date>
    <item>
      <title>End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767164#M4015</link>
      <description>&lt;P&gt;Now that end-to-end encryption for teams is available, will there be any API support for this feature?&lt;/P&gt;</description>
      <pubDate>Tue, 30 Apr 2024 12:16:41 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767164#M4015</guid>
      <dc:creator>josuegomes</dc:creator>
      <dc:date>2024-04-30T12:16:41Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767193#M4018</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1322303"&gt;@josuegomes&lt;/a&gt;&amp;nbsp;, currently there are no plans to support the API with encrypted files/folders. But I'll share that feedback with our team.&amp;nbsp;&lt;BR /&gt;&lt;BR /&gt;Thank you!&lt;/P&gt;</description>
      <pubDate>Tue, 30 Apr 2024 13:46:26 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767193#M4018</guid>
      <dc:creator>apfund</dc:creator>
      <dc:date>2024-04-30T13:46:26Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767233#M4019</link>
      <description>&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1322303"&gt;@josuegomes&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;Now that end-to-end encryption for teams is available, will there be any API support for this feature?&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Haha...&lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@D88F213CAFB196B6AB70612B08AD9D31/emoticons/1f601.png" alt=":beaming_face_with_smiling_eyes:" title=":beaming_face_with_smiling_eyes:" /&gt;&lt;/P&gt;&lt;P&gt;Hi &lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1322303"&gt;@josuegomes&lt;/a&gt;,&lt;/P&gt;&lt;P&gt;What do you mean "support" for end-to-end encryption? When such support comes up (let's hope this won't be) the end-to-end encryption will stay... like a joke. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@488936AC5FA64023548E32631AFD9803/emoticons/1f600.png" alt=":grinning_face:" title=":grinning_face:" /&gt; Do you understand what you ask for? You ask for remove/ban of this feature actually - it'll become meaningless! If even possible (not needed implemented), then it's already meaningless such an "encryption" (especially in quotes) usage.&lt;/P&gt;&lt;P&gt;The promise that this will be evaluated as an option denotes that... no such feature actual exists at all. It's just a marketing trick. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt; Let's hope this is just &lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1626324"&gt;@apfund&lt;/a&gt;' confusion (misunderstanding the nature of such feature).&lt;/P&gt;&lt;P&gt;Good luck.&lt;/P&gt;</description>
      <pubDate>Tue, 30 Apr 2024 15:29:21 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767233#M4019</guid>
      <dc:creator>Здравко</dc:creator>
      <dc:date>2024-04-30T15:29:21Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767700#M4020</link>
      <description>&lt;P&gt;&lt;SPAN&gt;I appreciate your perspective. To clarify, when talking about API support for end-to-end encryption, I'm referring to whether we plan to extend our API support to enable developers to integrate end-to-end encryption functionality into their applications or workflows,. However, I understand your concern about potential implications for the security of end-to-end encryption. It's crucial for any extensions or integrations to maintain the same level of security and privacy protection. Thanks for highlighting this aspect.&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Thu, 02 May 2024 11:53:27 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767700#M4020</guid>
      <dc:creator>apfund</dc:creator>
      <dc:date>2024-05-02T11:53:27Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767709#M4021</link>
      <description>&lt;P&gt;Are you serious? 🧐 What means "API support" in this topic context? API can compromise end-to-end encryption; API cannot support it!&lt;/P&gt;&lt;P&gt;Such type of encryption can be supported only with library code that developers can choose from (on their own opinion - something any developer can do at any time). If you want, you may share such a code in your SDKs, where developers can select, but wouldn't advised anybody (developer or end user) to rely on API or other support directly provided by Dropbox (or any other service probider). This is illogical - like a rabbit to ask for protection some fox, for instance. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@D88F213CAFB196B6AB70612B08AD9D31/emoticons/1f601.png" alt=":beaming_face_with_smiling_eyes:" title=":beaming_face_with_smiling_eyes:" /&gt; Such type of protection is against service providers! &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt; Its use for something else is meaningless!!!&lt;/P&gt;</description>
      <pubDate>Thu, 02 May 2024 12:21:35 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767709#M4021</guid>
      <dc:creator>Здравко</dc:creator>
      <dc:date>2024-05-02T12:21:35Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767718#M4022</link>
      <description>&lt;P&gt;I'm failing to understand why providing API support is a security threat.&lt;/P&gt;&lt;P&gt;And instead of a (closed?) library, the most secure approach is to use a public, open source encryption algorithm that can be analyzed and scrutinized by third parties. Good encryption relies on strong keys and public algorithms.&lt;/P&gt;</description>
      <pubDate>Thu, 02 May 2024 12:46:56 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767718#M4022</guid>
      <dc:creator>josuegomes</dc:creator>
      <dc:date>2024-05-02T12:46:56Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767726#M4023</link>
      <description>&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1322303"&gt;@josuegomes&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;...&lt;/P&gt;&lt;P&gt;And instead of a (closed?) library, the most secure approach is to use a public, open source encryption algorithm that can be analyzed and scrutinized by third parties. Good encryption relies on strong keys and public algorithms.&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Hi again &lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1322303"&gt;@josuegomes&lt;/a&gt;,&lt;/P&gt;&lt;P&gt;Absolutely! I fully agree. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt;&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1322303"&gt;@josuegomes&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;I'm failing to understand why providing API support is a security threat.&lt;/P&gt;&lt;P&gt;...&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;... and ... what's Dropbox API? &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@9AD39CA637682E9616FBE31CDAF1B6C4/emoticons/1f914.png" alt=":thinking_face:" title=":thinking_face:" /&gt; Is it something public you can rely on? &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@488936AC5FA64023548E32631AFD9803/emoticons/1f600.png" alt=":grinning_face:" title=":grinning_face:" /&gt; No!&lt;/P&gt;&lt;P&gt;No - about the e2e protection at least. As I said, such type of protection targets avoiding info leak during transmission from one end to another end; the weakest point in this route is the service provider that would provide protection. Use either third party service (as far as you may rely there is no any relation) or organize it on your own - using library of your choice with keys algorithms selected by you or your users and unknown to Dropbox (or any other service provider).&lt;/P&gt;&lt;P&gt;Dropbox may improve transportation between endpoints and its servers only. That's something encrypted well with TLS 1.2 (may be better). Don't rely, as I said, a fox to protect a rabbit - something equivalent to expect service providers to organize protection targets them. &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt;&lt;/P&gt;&lt;P&gt;Hope this sheds some light.&lt;/P&gt;</description>
      <pubDate>Thu, 02 May 2024 13:02:52 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767726#M4023</guid>
      <dc:creator>Здравко</dc:creator>
      <dc:date>2024-05-02T13:02:52Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767728#M4024</link>
      <description>&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Indeed, I confused "API" and "SDK", apologies and thanks for being so understanding. It's important to emphasize that only ciphertext can be uploaded and downloaded via the HTTP API itself.&lt;/P&gt;
&lt;P&gt;To enable End-to-End Encryption (support for third-party developers, integrating the encryption and decryption logic into the SDKs(!) would be necessary. I've already shared this feedback with the team.&lt;/P&gt;</description>
      <pubDate>Thu, 02 May 2024 13:06:48 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767728#M4024</guid>
      <dc:creator>apfund</dc:creator>
      <dc:date>2024-05-02T13:06:48Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767735#M4025</link>
      <description>&lt;P&gt;I'm talking about specifically about an API support. Something like a hypothetical: /upload_session/start_encrypted that only accepts locally encrypted payloads.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Thu, 02 May 2024 13:42:15 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767735#M4025</guid>
      <dc:creator>josuegomes</dc:creator>
      <dc:date>2024-05-02T13:42:15Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767736#M4026</link>
      <description>&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1322303"&gt;@josuegomes&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;I'm talking about specifically about an API support. Something like a hypothetical: /upload_session/start_encrypted that only accepts locally encrypted payloads.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Is something preventing you to do so?! &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@9AD39CA637682E9616FBE31CDAF1B6C4/emoticons/1f914.png" alt=":thinking_face:" title=":thinking_face:" /&gt;&lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@FBF7D2AB59A0D6E861EBF6A36F93B7E2/emoticons/1f642.png" alt=":slightly_smiling_face:" title=":slightly_smiling_face:" /&gt;&lt;/P&gt;&lt;P&gt;You don't need special support. Missing of such a support and not rely on such make your code even more secure! &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@41457EF40051AFF130FDBFE21B496926/emoticons/1f609.png" alt=":winking_face:" title=":winking_face:" /&gt; In such a way Dropbox cannot distinguish (or not directly at least) between encrypted and unencrypted content.&lt;/P&gt;</description>
      <pubDate>Thu, 02 May 2024 13:50:08 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767736#M4026</guid>
      <dc:creator>Здравко</dc:creator>
      <dc:date>2024-05-02T13:50:08Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767738#M4027</link>
      <description>&lt;P&gt;&amp;gt; Is something preventing you to do so?!&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Yes. The API doesn't exist. That is the very reason for the original post.&lt;/P&gt;</description>
      <pubDate>Thu, 02 May 2024 13:51:48 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767738#M4027</guid>
      <dc:creator>josuegomes</dc:creator>
      <dc:date>2024-05-02T13:51:48Z</dc:date>
    </item>
    <item>
      <title>Re: End-to-end encryption API</title>
      <link>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767740#M4028</link>
      <description>&lt;BLOCKQUOTE&gt;&lt;HR /&gt;&lt;a href="https://www.dropboxforum.com/t5/user/viewprofilepage/user-id/1322303"&gt;@josuegomes&lt;/a&gt;&amp;nbsp;wrote:&lt;BR /&gt;&lt;P&gt;...&lt;/P&gt;&lt;P&gt;Yes. The API doesn't exist. There is the very reason for the original post.&lt;/P&gt;&lt;HR /&gt;&lt;/BLOCKQUOTE&gt;&lt;P&gt;Hm... &lt;img class="lia-deferred-image lia-image-emoji" src="https://www.dropboxforum.com/html/@9AD39CA637682E9616FBE31CDAF1B6C4/emoticons/1f914.png" alt=":thinking_face:" title=":thinking_face:" /&gt; Ok...🤷🤦&lt;/P&gt;&lt;P&gt;Good luck.&lt;/P&gt;</description>
      <pubDate>Thu, 02 May 2024 13:52:27 GMT</pubDate>
      <guid>https://www.dropboxforum.com/t5/Discuss-Dropbox-Developer-API/End-to-end-encryption-API/m-p/767740#M4028</guid>
      <dc:creator>Здравко</dc:creator>
      <dc:date>2024-05-02T13:52:27Z</dc:date>
    </item>
  </channel>
</rss>

