Tahoe LAFS browser client

[Mirko Lindner]

Hi Jean-Paul,

thank you for your feedback.

I agree the browser environment has to be utilized with a great amount of
care.

I tried to follow the proposal of the "Great Black Swamp
<https://tahoe-lafs.readthedocs.io/en/latest/proposed/http-storage-node-protocol.html>"
as far as my knowledge would allow me to go. I agree the API would make it
very simple to interact with a storage node and the security model also
makes sense (as far as I understand it), however, it doesn't change the
needs for the use case we are trying to cover.

In our scenario, Bob wants to securely store a file and ensure that only
parties Bob trusts and gives expressed permission can retrieve the file.
For this, I believe, the file needs to be :
- encrypted in order to be unreadable by people intercepting the whole file
- sharded to be unreadable by the storage nodes; and
- only Bob holds the capability to retrieve the required shards to avoid
unwanted access

(Note: AAA on the storage nodes and secure storage of the capability are
addressed elsewhere)

Therefore, to ensure Bob has full control, his client needs to
a) hold own the encryption key
b) manage the sharding; and
c) create the capability

Making the storage nodes really that, pure storage nodes.

It seems to me that the "Great Black Swamp
<https://tahoe-lafs.readthedocs.io/en/latest/proposed/http-storage-node-protocol.html>"
does allow for this scenario, but it does not address the need for a client
that can work in any environment without the need to install additional
software, which is the goal of us proposing a browser-based client.

Regards,
Mirko

On Wed, Apr 3, 2019 at 12:03 AM Jean-Paul Calderone <
jean-paul+tahoe-dev at leastauthority.com> wrote:

> On Mon, Apr 1, 2019 at 2:41 PM Mirko Lindner <mirko.lindner at deviz.io>
> wrote:
>
>> Hi Tahoe LAFS dev community,
>>
>> I found Tahoe LAFS and would love to use it as the basis for my company's
>> projects.
>>
>> In order to do so, I need a browser-based javascript client that can
>> create, encrypt and erasure-encode text/json files, upload them to storage
>> nodes and create the capabilities locally.
>>
>> I was wondering if this or a similar feature is already on the roadmap or
>> if it had been discarded before.
>>
>> I do have some budget available and if this is of interest to others as
>> well, I would love for this work to be done in the right way and ensure it
>> will be open sourced once completed.
>>
>
> Hi Mirko,
>
> Here are a couple thoughts off the top of my head - no conclusions here by
> any means.
>
> The browser is a dangerous environment.  JavaScript itself is fraught but
> it seems like a lot of danger comes not from what *your* code does but
> from all of the other unsavory activity that may be going on in the same
> environment.
>
> I have recently been trying to push forward something called "Great Black
> Swamp
> <https://tahoe-lafs.readthedocs.io/en/latest/proposed/http-storage-node-protocol.html>"
> which is an HTTP-based API for interacting with storage servers.  Half of
> the idea here is that it is a lot easier to implement an HTTP-based API
> (particularly in other languages) than it is to implement the current
> Foolscap-based API.  This isn't specifically about supporting browsers but
> I would imagine a JavaScript client should be able to deal with an
> HTTP-based storage server API fairly easily.
>
> Jean-Paul
>
> _______________________________________________
> tahoe-dev mailing list
> tahoe-dev at tahoe-lafs.org
> https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20190409/84e3463a/attachment.html>