"Zooko O'Whielacronx" <[email protected]> writes: > cool thing #3: That URL contains a symmetric encryption secret, and all > files stored in that directory are encrypted with it. If you give the URL > to someone, they can read the contents of the files, but if they aren't > given the URL, they can't. The operators of the storage servers which are > storing the files can't (unless someone gives them the URL). This isn't > especially useful for the darcs darcs repository, but you could imagine if > you had a private repository that you didn't want the world to see, you > could use this property.
I can immediately see how the other properties are useful, but I have a hard time believing that you will keep a URL secret. Have you investigated ways URLs are disclosed to third parties, both deliberately "Hey Fred, look at this cool repo!" and accidentally "Hey, someone visited my site directly from <secret URL>, so now it's in my httpd.log!" What benefits does this give over "traditional" security methods such as restricting by originating IP, by username and password (over e.g. SSL), or kerberos? (Maybe you already have a paper or wiki article on this, in which case a link would be sufficient to satisfy my curiosity.) > There's one not-so-cool thing about it: it is slow! I assume that the > slow speed of "darcs get --lazy URL" is due to the combination of > darcs making many separate requests and Tahoe taking a fraction of a > second longer to answer each one than Apache would. Have you tested this theory by using a different client (e.g. curl), tweaking that clients properties, and watching the packets go by (e.g. wireshark)? > That's only an assumption on my part, though -- actual timings or > other diagnostics would be appreciated. I guess not :-) _______________________________________________ darcs-users mailing list [email protected] http://lists.osuosl.org/mailman/listinfo/darcs-users
