[tahoe-dev] several newbie questions

Shawn Willden shawn at willden.org
Mon Apr 25 09:31:49 PDT 2011


On Mon, Apr 25, 2011 at 8:17 AM, Miles Fidelman
<mfidelman at meetinghouse.net> wrote:
>
> umm... seems to me that anytime something as simple as a URL (even a
> complicated one) is all that's needed to access/change information - any
> notion of privacy or security goes out the window -- too easy to compromise.
>

This is why some have mentioned that depending on your threat model it may
be a good idea to avoid using the web UI.  Browsers save history, cache
retrieved entities, etc.

If you'd like, you can always add an access control layer on top of Tahoe.
Delegate responsibility for knowing and using the actual capabilities to an
access control system.  It's easy enough to extract a unique identifier from
a capability (or hash the capability to create a unique ID) so you can have
identifiers which are not capabilities, but are easy to map to
capabilities.

-- 
Shawn
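
An added example, not part of the original message or of Tahoe's own code: a minimal sketch of the access control layer described above, where a hash of each capability serves as a public identifier and the capability itself stays server-side. The names `CapGateway`, `public_id` and `ID_TAG`, the rights model, and the sample capability string are all assumptions made for illustration.

```python
import hashlib

ID_TAG = b"example-acl-id-v1:"  # domain-separation tag (assumed name)

def public_id(cap: str) -> str:
    """One-way identifier for a capability; safe to put in URLs and logs."""
    return hashlib.sha256(ID_TAG + cap.encode("utf-8")).hexdigest()[:32]

class CapGateway:
    """Holds capabilities server-side and releases them only after an ACL check."""

    def __init__(self):
        self._caps = {}  # public id -> capability string (secret)
        self._acl = {}   # public id -> {user: set of rights}

    def register(self, cap: str) -> str:
        pid = public_id(cap)
        self._caps[pid] = cap
        self._acl.setdefault(pid, {})
        return pid

    def grant(self, pid: str, user: str, right: str) -> None:
        if pid not in self._caps:
            raise KeyError("unknown id")
        self._acl[pid].setdefault(user, set()).add(right)

    def resolve(self, pid: str, user: str, right: str) -> str:
        """Return the capability for internal use, or refuse. Unknown ids and
        missing rights fail the same way so ids cannot be probed."""
        if right not in self._acl.get(pid, {}).get(user, ()):
            raise PermissionError("access denied")
        return self._caps[pid]

# Constructed sample capability, not a real Tahoe cap.
SAMPLE_CAP = "URI:DIR2:constructed-writekey:constructed-fingerprint"

def demo():
    gw = CapGateway()
    pid = gw.register(SAMPLE_CAP)
    gw.grant(pid, "alice", "read")
    results = {"id": pid, "alice": gw.resolve(pid, "alice", "read")}
    try:
        gw.resolve(pid, "bob", "read")
        results["bob"] = "allowed"
    except PermissionError:
        results["bob"] = "denied"
    return results

if __name__ == "__main__":
    print(demo())
```

Only the identifier returned by `register` would appear in browser history or caches; the gateway performs the storage operation itself with the resolved capability and never returns it to the client.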