Imagine everyone was a royal. If that was the case, privacy would not be enough. We would all have top notch secrecy. In this workshop you will be treated as the VIP you are and learn how to achieve this very urgent and neglected requirement in Drupal, with the Protected Content contrib module.

Prerequisite
Participants should:

Understand Drupal content types, fields, and entity references.

Have basic familiarity with encryption concepts (e.g., public/private keys).

Know how to configure modules and fields in Drupal’s admin UI.

Outline
Part 1: Foundations & Standalone Mode (45 mins)

Why Zero Trust? Security challenges and client-side encryption.

Key Management: Generating user keys via /proc/generate-keys.

Encrypting Content: Using /proc/add/ for files and sharing secure links.

Decryption Workflow: Recipient access, modal forms, and cache strategies.

Part 2: Field Mode & Advanced Use (45 mins)

Field Configuration: Adding Proc Entity Reference Field to forms.

Formatter Options: Armored media embeds, decrypt links, and modal overrides.

Global Settings: Stream wrappers, RSA key size, and password caching.

APIs & Plugins: Fetching keys via /api/proc/getpubkey, re-encryption plugins, and relabeling.

Q&A + Demo: Troubleshooting cache caveats and integrating with existing workflows.

Learning Objectives
By the end, attendees will:

Implement client-side encryption for standalone content and fieldable entities.

Configure global security policies (key size, caching) and field-specific workflows.

Use OpenPGP.js to encrypt/decrypt files and text without server-side exposure.

Understand how Zero Trust principles apply to Drupal content governance.

Leverage APIs and plugins for re-encryption, auditing, and metadata management.

Experience level
Intermediate