[Box Backup] Unencrypted storage?

[Joe Krahn]

I currently use an rsync-to-RAID backup system. It is pretty efficient 
to do incremental backups by doing a recursive directory tree hard link, 
then do rsync with deletion to make separate file data for changed 
files. The result is easy browsing of several snapshot states.

Even though box backup is designed around secure storage, I thought it 
might be good to have an unencrypted option for a trusted RAID system, 
to make file browsing easy.

BUT then I realized: even if you trust the backup server, encrypted data 
is much better system. This way, all of the backup tapes/disks do not 
contain sensitive data. The only sensitive data is the cert keys. If a 
RAID disk dies, you don't have to worry about throwing it away.

SO, if one wants files browsable on the storage server, the best 
approach is to keep everything encrypted, but let the server hold a copy 
  of the client keys.

In fact, a PHP/HTTPS based file browser could require you to send the 
client key, and hold it only for the duration of a PHP Session.

Does this sound like a good plan for people with a trusted storage server?

Joe Krahn