Make master key exchangeable
Breaking Change Requires profile upgrade logic (probably manual export & import)
- Create an encryption key (profile key) for the profile
- Encrypt the profile key + integrity name with master key, store in dedicated file (allow multiple integrity files for different logins)
- Provide random master key option
We want to use different files so that a system admin may permit users to change their integirty file but may only read the profile without write access.
Edited by Ghost User