SFS makes it practically impossible to do key updates, and the trust model is rather flawed -- if you mount files from one site you in practice end up trusting it totally, which means that it can hand you links to spoofed other sites and you'll in practice totally believe them unless you're paying very close attention and have the ability to perfectly recognize long hashes by eye. It is a neat idea, and certainly instructive, but I don't know that I particularly love it.
i think the difference between sfs and yurl lies in the yurl scheme's use of pet names to make long hashes easier to remember. while this seems like a promising approach, the thought of typing in a new pet name every time i visit a new domain (or mount a new volume via nfs) looks like too high of a burden, interface-wise, on users in general.
perhaps if i could occasionally download (and authenticate with a [pet_name, hash] pair) pre-digested lists of such pairs from opennic or the eff etc, i might feel more inclined to use the system... this opens the possibility of multiple coexisting global namespaces, and raises ye olde' "who do you trust" question...
perhaps we might as well design things that use [global_name, ip_address, pubkey_fingerprint, pet_name] sets, and just get it over with =D
sayke, v3.0
/*
"Do not imagine that Art is something designed to give gentle uplift and self-confidence. Art is not a brassiere. At least, not in the English sense. But do not forget that brassiere is French for life-jacket." -- Julian Barnes, Floubert's Parrot (1984)
*/
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
