[tahoe-dev] separating security and redundancy layers Re: help! how do I manage dependencies on JavaScript code?

Greg Troxel gdt at ir.bbn.com
Fri Sep 3 17:24:45 UTC 2010


"Zooko O'Whielacronx" <zooko at zooko.com> writes:

> On Fri, Sep 3, 2010 at 10:03 AM,  <travis+ml-tahoe-dev at subspacefield.org> wrote:
>>
>> My first impression on reading about the project is, "redundancy and
>> crypto in the same tool?  I wonder if they couldn't be separated".
>
> Actually I've been wondering the same thing recently. The encryption
> and the creation of ciphertext-integrity-checks is performed before
> the erasure-coding, so in principle it would be possible to make those
> separately usable or allow composition of alternate implementations of
> them, etc.

As a dependency crank, I should say that I'm not bothered by crypto and
erasure coding being combined.  They work together to make it rational
to use untrusted servers.  I'm also not bothered by the sftp frontend
(although FUSE is the right answer :-).  Basically, depending on things
that are clearly necessary for the main task is fine.  Pulling in things
that aren't necessary for core functions is best avoided.

Also, I'm ambivalent about the WUI.  I think it's fine that it's there,
but it should be possible/reasonable to use the command-line client for
everything and totally ignore the WUI.  That seems almost true, but not
realy.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20100903/9be3d27c/attachment.pgp>


More information about the tahoe-dev mailing list