On Tue, Apr 10, 2001 at 11:00:06PM -0500, Brandon wrote:
> No, most files are under CHKs. So if you request the information and then
> bookmark in some hypothetical bookmarking system (perhaps you write down
> the key on a post-it note) then you can bookmark the CHK.
As a clueless user, would you write down the CHK or the KSK? Or are you
only expecting Freenet to be used by the half-dozen people who understand
how it works?
> So once you've retrieved it, it can't be spoofed the second time. Also,
> anything published by a known publisher or as part of a Freenet site can
> use an SSK and therefore can't be spoofed.
But the front page of the site will probably use a KSK, so the whole site
can be made unavailable by spoofing one KSK. And if it's unavailable to
most users, it will probably fall out of Freenet.
> KSKs are useful for precisely one thing, which is giving an easy to
> remember and type name to a file. You shouldn't trust that the name of a
> file actually describes what's in the file.
KSKs are not file names, they're URLs. I bet 99% of users assume that if
their friend gives them a URL, it points to the file their friend intended
them to see.
> KSKs are very useful. If you're got IMPORTANT data then you should use
> something more secure. No one really cares if [EMAIL PROTECTED] or
> [EMAIL PROTECTED] gets replaced with something else.
So how are they useful? They provide easy-to-remember names for data that
nobody cares about? Isn't that why we have goatse.cx?
> I also often use KSKs to share files with people. I can say "The key is
> picture-for-margaret.jpg." No one is going to attack this because this
> key isn't indexed.
If you have a secure channel for communicating with Margaret, why not
send the picture that way? If you don't, what's to stop an eavesdropper
from replacing picture-for-margaret.jpg with dvda.jpg, ruining (well,
definitely altering) your friendship with Margaret?
Michael
_______________________________________________
Devl mailing list
[EMAIL PROTECTED]
http://lists.freenetproject.org/mailman/listinfo/devl
